-
Src=C:\WINDOWS\system32\spool32.exe
File avz00001.dta received on 2008.12.15 16:50:28 (CET)
[CODE]AhnLab-V3 2008.12.15.3 2008.12.15 -
AntiVir 7.9.0.45 2008.12.15 -
Authentium 5.1.0.4 2008.12.14 -
[B]Avast 4.8.1281.0 2008.12.15 Win32:Oliga
AVG 8.0.0.199 2008.12.15 SHeur2.FKM[/B]
BitDefender 7.2 2008.12.15 -
[B]CAT-QuickHeal 10.00 2008.12.15 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.15 -
Comodo 754 2008.12.14 -
DrWeb 4.44.0.09170 2008.12.15 -
[B]eSafe 7.0.17.0 2008.12.15 Suspicious File[/B]
eTrust-Vet 31.6.6261 2008.12.15 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.14 -
[B]F-Secure 8.0.14332.0 2008.12.15 Trojan.Win32.Monder.aaxz
Fortinet 3.117.0.0 2008.12.14 suspicious
GData 19 2008.12.15 Win32:Oliga[/B]
Ikarus T3.1.1.45.0 2008.12.15 -
K7AntiVirus 7.10.553 2008.12.13 -
[B]Kaspersky 7.0.0.125 2008.12.15 Trojan.Win32.Monder.aaxz
McAfee 5464 2008.12.14 New Malware.bx
McAfee+Artemis 5464 2008.12.14 New Malware.bx[/B]
Microsoft 1.4205 2008.12.15 -
NOD32 3692 2008.12.15 -
[B]Norman 5.80.02 2008.12.12 W32/Vundo.FQN
Panda 9.0.0.4 2008.12.15 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.15 -
Prevx1 V2 2008.12.15 -
Rising 21.08.02.00 2008.12.15 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Win32.Malware.gen (suspicious)
Sophos 4.36.0 2008.12.15 Mal/EncPk-FS[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.15 -
TheHacker 6.3.1.4.188 2008.12.14 -
[B]TrendMicro 8.700.0.1004 2008.12.15 PAK_Generic.001[/B]
VBA32 3.12.8.10 2008.12.15 -
ViRobot 2008.12.15.1518 2008.12.15 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 140127 bytes
MD5...: e69dd9605856b2ee189e7ab3be0bc83d
-
File sdllib.dll received on 12.16.2008 08:58:38 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
AntiVir 7.9.0.45 2008.12.15 -
Authentium 5.1.0.4 2008.12.16 -
[B]Avast 4.8.1281.0 2008.12.15 Win32:Hexzone-U
AVG 8.0.0.199 2008.12.15 Adload_r.FF[/B]
BitDefender 7.2 2008.12.16 -
CAT-QuickHeal 10.00 2008.12.16 -
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
[B]DrWeb 4.44.0.09170 2008.12.16 Trojan.Blackmailer.origin[/B]
eSafe 7.0.17.0 2008.12.15 -
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
[B]F-Prot 4.4.4.56 2008.12.15 W32/Hexzone.B.gen!Eldorado[/B]
F-Secure 8.0.14332.0 2008.12.16 -
Fortinet 3.117.0.0 2008.12.16 -
[B]GData 19 2008.12.16 Win32:Hexzone-U
Ikarus T3.1.1.45.0 2008.12.16 Trojan-Ransom.Win32.Hexzone[/B]
K7AntiVirus 7.10.554 2008.12.15 -
Kaspersky 7.0.0.125 2008.12.16 -
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
Microsoft 1.4205 2008.12.16 -
NOD32 3694 2008.12.15 -
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
Prevx1 V2 2008.12.16 -
Rising 21.08.11.00 2008.12.16 -
SecureWeb-Gateway 6.7.6 2008.12.15 -
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
VBA32 3.12.8.10 2008.12.15 -
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 316928 bytes
MD5...: 1263fba1d0e14cdabeb3ba4b5796792c
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
Src=c:\windows\system32\drivers\winlogon.exe
File winlogon.exe received on 12.16.2008 08:52:59 (CET)
[CODE]Antivirus Version Last Update Result
[B]AhnLab-V3 2008.12.16.2 2008.12.16 Win32/IRCBot.worm.variant[/B]
AntiVir 7.9.0.45 2008.12.15 -
[B]Authentium 5.1.0.4 2008.12.16 W32/Backdoor2.DGZN[/B]
Avast 4.8.1281.0 2008.12.15 -
[B]AVG 8.0.0.199 2008.12.15 Win32/Heur
BitDefender 7.2 2008.12.16 DeepScan:Generic.Sdbot.936847E5
CAT-QuickHeal 10.00 2008.12.16 Backdoor.SdBot.ifq
ClamAV 0.94.1 2008.12.16 Trojan.SdBot-9776[/B]
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
eSafe 7.0.17.0 2008.12.15 -
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
[B]F-Prot 4.4.4.56 2008.12.15 W32/Backdoor2.DGZN
F-Secure 8.0.14332.0 2008.12.16 Suspicious:W32/Malware!Gemini[/B]
Fortinet 3.117.0.0 2008.12.16 -
[B]GData 19 2008.12.16 DeepScan:Generic.Sdbot.936847E5[/B]
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
Kaspersky 7.0.0.125 2008.12.16 -
[B]McAfee 5465 2008.12.15 New Poly Win32
McAfee+Artemis 5465 2008.12.15 New Poly Win32
Microsoft 1.4205 2008.12.16 Exploit:Win32/Lsass.gen
NOD32 3694 2008.12.15 probably a variant of Win32/Packed.Themida[/B]
Norman 5.80.02 2008.12.15 -
[B]Panda 9.0.0.4 2008.12.15 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.15 -
Prevx1 V2 2008.12.16 -
Rising 21.08.11.00 2008.12.16 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Win32.Malware.gen!84 (suspicious)
Sophos 4.36.0 2008.12.16 Sus/UnkPacker[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
VBA32 3.12.8.10 2008.12.15 -
[B]ViRobot 2008.12.16.1520 2008.12.16 Backdoor.Win32.IRCBot.709632
VirusBuster 4.5.11.0 2008.12.15 Backdoor.SdBot.ACTL[/B][/CODE]
Additional information
File size: 709632 bytes
MD5...: 3e1923216a98a3624ae0d311293bd47e
[size="1"][color="#666686"][B][I]Added 17 minutes later[/I][/B][/color][/size]
File rs32net.exe received on 12.16.2008 09:13:38 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
[B]AntiVir 7.9.0.45 2008.12.15 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.16 -
Avast 4.8.1281.0 2008.12.15 -
AVG 8.0.0.199 2008.12.15 -
BitDefender 7.2 2008.12.16 -
CAT-QuickHeal 10.00 2008.12.16 -
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
eSafe 7.0.17.0 2008.12.15 -
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.15 -
[B]F-Secure 8.0.14332.0 2008.12.16 Trojan.Win32.Agent.avhd[/B]
Fortinet 3.117.0.0 2008.12.16 -
GData 19 2008.12.16 -
[B]Ikarus T3.1.1.45.0 2008.12.16 Trojan.Win32.Agent[/B]
K7AntiVirus 7.10.554 2008.12.15 -
[B]Kaspersky 7.0.0.125 2008.12.16 Trojan.Win32.Agent.avhd[/B]
McAfee 5465 2008.12.15 -
[B]McAfee+Artemis 5465 2008.12.15 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.16 -
NOD32 3694 2008.12.15 -
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
[B]Prevx1 V2 2008.12.16 Cloaked Malware[/B]
Rising 21.08.11.00 2008.12.16 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Trojan.Dropper.Gen[/B]
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
[B]TheHacker 6.3.1.4.189 2008.12.16 Trojan/Agent.avhd[/B]
TrendMicro 8.700.0.1004 2008.12.16 -
[B]VBA32 3.12.8.10 2008.12.15 Malware-Cryptor.Win32.Kefir[/B]
ViRobot 2008.12.16.1520 2008.12.16 -
[B]VirusBuster 4.5.11.0 2008.12.15 Trojan.DR.Protector.A[/B][/CODE]
Additional information
File size: 22528 bytes
MD5...: 7e19ef46397d95497f30432cda342046
[size="1"][color="#666686"][B][I]Added 7 minutes later[/I][/B][/color][/size]
File ~tmpc.exe received on 12.16.2008 09:13:08 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
AntiVir 7.9.0.45 2008.12.15 -
Authentium 5.1.0.4 2008.12.16 -
Avast 4.8.1281.0 2008.12.15 -
[B]AVG 8.0.0.199 2008.12.15 Win32/Cryptor[/B]
BitDefender 7.2 2008.12.16 -
[B]CAT-QuickHeal 10.00 2008.12.16 TrojanDownloader.Agent.gen[/B]
ClamAV 0.94.1 2008.12.16 -
[B]Comodo 760 2008.12.15 TrojWare.Win32.Trojan.Agent.~[/B]
DrWeb 4.44.0.09170 2008.12.16 -
eSafe 7.0.17.0 2008.12.15 -
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.15 -
F-Secure 8.0.14332.0 2008.12.16 -
Fortinet 3.117.0.0 2008.12.16 -
GData 19 2008.12.16 -
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
[B]Kaspersky 7.0.0.125 2008.12.16 Trojan.Win32.FraudPack.hws[/B]
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
[B]Microsoft 1.4205 2008.12.16 TrojanDownloader:Win32/Renos.FM
NOD32 3694 2008.12.15 a variant of Win32/Kryptik.CU[/B]
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
[B]Prevx1 V2 2008.12.16 Malware Downloader[/B]
Rising 21.08.11.00 2008.12.16 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Trojan.LooksLike.Proxy[/B]
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
[B]Symantec 10 2008.12.16 Trojan Horse[/B]
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
VBA32 3.12.8.10 2008.12.15 -
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 81920 bytes
MD5...: edeea2b8b2a6e9de437cf05e4039bbbe
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File ~tmpb.exe received on 12.16.2008 09:12:41 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
[B]AntiVir 7.9.0.45 2008.12.15 TR/FraudPack.huv[/B]
Authentium 5.1.0.4 2008.12.16 -
Avast 4.8.1281.0 2008.12.15 -
[B]AVG 8.0.0.199 2008.12.15 Win32/Cryptor[/B]
BitDefender 7.2 2008.12.16 -
[B]CAT-QuickHeal 10.00 2008.12.16 TrojanDownloader.Agent.gen[/B]
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
eSafe 7.0.17.0 2008.12.15 -
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.14 -
F-Secure 8.0.14332.0 2008.12.16 -
Fortinet 3.117.0.0 2008.12.16 -
GData 19 2008.12.16 -
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
[B]Kaspersky 7.0.0.125 2008.12.16 Trojan.Win32.FraudPack.hvz[/B]
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
[B]Microsoft 1.4205 2008.12.16 TrojanDownloader:Win32/Renos.DZ
NOD32 3694 2008.12.15 a variant of Win32/Kryptik.CU[/B]
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
Prevx1 V2 2008.12.16 -
Rising 21.08.11.00 2008.12.16 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Trojan.FraudPack.huv[/B]
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 Downloader
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
VBA32 3.12.8.10 2008.12.15 -
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 86020 bytes
MD5...: 047f6fce96752b7d991c4cc178936a7a
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File userinit.exe received on 12.16.2008 09:12:11 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
AntiVir 7.9.0.45 2008.12.15 -
Authentium 5.1.0.4 2008.12.16 -
Avast 4.8.1281.0 2008.12.15 -
AVG 8.0.0.199 2008.12.15 -
BitDefender 7.2 2008.12.16 -
CAT-QuickHeal 10.00 2008.12.16 -
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
[B]eSafe 7.0.17.0 2008.12.15 Suspicious File[/B]
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.15 -
F-Secure 8.0.14332.0 2008.12.16 -
Fortinet 3.117.0.0 2008.12.16 -
GData 19 2008.12.16 -
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
Kaspersky 7.0.0.125 2008.12.16 -
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
Microsoft 1.4205 2008.12.16 -
NOD32 3694 2008.12.15 -
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
[B]Prevx1 V2 2008.12.16 Cloaked Malware[/B]
Rising 21.08.11.00 2008.12.16 -
SecureWeb-Gateway 6.7.6 2008.12.15 -
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
[B]VBA32 3.12.8.10 2008.12.15 suspected of Malware-Cryptor.Win32.General.4[/B]
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 32768 bytes
MD5...: d57614424f0b8ce32c238195eece7586
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File svchost.exe received on 12.16.2008 09:11:53 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
AntiVir 7.9.0.45 2008.12.15 -
Authentium 5.1.0.4 2008.12.16 -
Avast 4.8.1281.0 2008.12.15 -
AVG 8.0.0.199 2008.12.15 -
BitDefender 7.2 2008.12.16 -
CAT-QuickHeal 10.00 2008.12.16 -
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
[B]eSafe 7.0.17.0 2008.12.15 Suspicious File[/B]
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
F-Prot 4.4.4.56 2008.12.15 -
F-Secure 8.0.14332.0 2008.12.16 -
Fortinet 3.117.0.0 2008.12.16 -
GData 19 2008.12.16 -
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
[B]Kaspersky 7.0.0.125 2008.12.16 P2P-Worm.Win32.Agent.hw[/B]
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
Microsoft 1.4205 2008.12.16 -
NOD32 3694 2008.12.15 -
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
[B]Prevx1 V2 2008.12.16 Cloaked Malware[/B]
Rising 21.08.11.00 2008.12.16 -
SecureWeb-Gateway 6.7.6 2008.12.15 -
Sophos 4.36.0 2008.12.16 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
[b]VBA32 3.12.8.10 2008.12.15 suspected of Malware-Cryptor.Win32.General.3[/b]
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 31744 bytes
MD5...: 9c8adb9f7f66f0a88ca866b993f42c22
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File ntndis.exe received on 12.16.2008 09:10:23 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.16.2 2008.12.16 -
[B]AntiVir 7.9.0.45 2008.12.15 TR/Crypt.XPACK.Gen
Authentium 5.1.0.4 2008.12.16 W32/LdPinch.N.gen!Eldorado[/B]
Avast 4.8.1281.0 2008.12.15 -
[B]AVG 8.0.0.199 2008.12.15 Worm/AutoRun.CL
BitDefender 7.2 2008.12.16 GenPack:Backdoor.SDBot.DETV[/B]
CAT-QuickHeal 10.00 2008.12.16 -
ClamAV 0.94.1 2008.12.16 -
Comodo 760 2008.12.15 -
DrWeb 4.44.0.09170 2008.12.16 -
[B]eSafe 7.0.17.0 2008.12.15 Suspicious File[/B]
eTrust-Vet 31.6.6262 2008.12.16 -
Ewido 4.0 2008.12.15 -
[B]F-Prot 4.4.4.56 2008.12.14 W32/LdPinch.N.gen!Eldorado
F-Secure 8.0.14332.0 2008.12.16 Suspicious:W32/Malware!Gemini
Fortinet 3.117.0.0 2008.12.16 suspicious
GData 19 2008.12.16 GenPack:Backdoor.SDBot.DETV[/B]
Ikarus T3.1.1.45.0 2008.12.16 -
K7AntiVirus 7.10.554 2008.12.15 -
Kaspersky 7.0.0.125 2008.12.16 -
McAfee 5465 2008.12.15 -
McAfee+Artemis 5465 2008.12.15 -
Microsoft 1.4205 2008.12.16 -
NOD32 3694 2008.12.15 -
Norman 5.80.02 2008.12.15 -
Panda 9.0.0.4 2008.12.15 -
PCTools 4.4.2.0 2008.12.15 -
Prevx1 V2 2008.12.16 -
Rising 21.08.11.00 2008.12.16 -
[B]SecureWeb-Gateway 6.7.6 2008.12.15 Trojan.Crypt.XPACK.Gen
Sophos 4.36.0 2008.12.16 Mal/Basine-C[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.16 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.16 -
VBA32 3.12.8.10 2008.12.15 -
ViRobot 2008.12.16.1520 2008.12.16 -
VirusBuster 4.5.11.0 2008.12.15 -[/CODE]
Additional information
File size: 40107 bytes
MD5...: 70ca8199611e79ed9b1422e0df83f628
-
File KB908665.exe received on 12.17.2008 15:21:39 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.17 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.17 -
[B]Avast 4.8.1281.0 2008.12.17 Win32:Trojan-gen {Other}
AVG 8.0.0.199 2008.12.17 Win32/Heur
BitDefender 7.2 2008.12.17 Trojan.Dropper.Kobcka.FE[/B]
CAT-QuickHeal 10.00 2008.12.17 -
ClamAV 0.94.1 2008.12.17 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
eSafe 7.0.17.0 2008.12.16 -
eTrust-Vet 31.6.6265 2008.12.17 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
F-Secure 8.0.14332.0 2008.12.17 -
Fortinet 3.117.0.0 2008.12.17 -
[B]GData 19 2008.12.17 Trojan.Dropper.Kobcka.FE[/B]
Ikarus T3.1.1.45.0 2008.12.17 -
K7AntiVirus 7.10.556 2008.12.17 -
Kaspersky 7.0.0.125 2008.12.17 -
McAfee 5466 2008.12.16 -
[B]McAfee+Artemis 5466 2008.12.16 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.17 -
[B]NOD32 3698 2008.12.17 a variant of Win32/Wigon[/B]
Norman 5.80.02 2008.12.16 -
Panda 9.0.0.4 2008.12.17 -
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.17 -
Rising 21.08.22.00 2008.12.17 -
[B]SecureWeb-Gateway 6.7.6 2008.12.17 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2008.12.17 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.17 -
TheHacker 6.3.1.4.189 2008.12.16 -
TrendMicro 8.700.0.1004 2008.12.17 -
VBA32 3.12.8.10 2008.12.16 -
ViRobot 2008.12.17.1523 2008.12.17 -
VirusBuster 4.5.11.0 2008.12.16 -[/CODE]
Additional information
File size: 14848 bytes
MD5...: 9d874acad44489cbf918882a696e9ff4
-
File services.exe received on 2008.12.18 08:11:07 (CET)
[CODE]AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.18 -
[B]Avast 4.8.1281.0 2008.12.17 Win32:Crypt-DGD
AVG 8.0.0.199 2008.12.17 BackDoor.Generic_r.EA
BitDefender 7.2 2008.12.18 Trojan.Spammer.Tedroo.AV
CAT-QuickHeal 10.00 2008.12.18 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
eSafe 7.0.17.0 2008.12.17 -
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
F-Secure 8.0.14332.0 2008.12.18 -
Fortinet 3.117.0.0 2008.12.18 -
[B]GData 19 2008.12.18 Win32:Crypt-DGD[/B]
Ikarus T3.1.1.45.0 2008.12.18 -
K7AntiVirus 7.10.556 2008.12.17 -
Kaspersky 7.0.0.125 2008.12.18 -
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
[B]NOD32 3700 2008.12.17 a variant of Win32/Injector.DO[/B]
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.18 -
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.17 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 42496 bytes
MD5...: d059090e5fd545e21eaf6f4f0971555e
-
File rs32net.exe received on 12.18.2008 08:32:15 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.17 -
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
eSafe 7.0.17.0 2008.12.17 -
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
F-Secure 8.0.14332.0 2008.12.18 -
Fortinet 3.117.0.0 2008.12.18 -
GData 19 2008.12.18 -
Ikarus T3.1.1.45.0 2008.12.18 -
K7AntiVirus 7.10.556 2008.12.17 -
Kaspersky 7.0.0.125 2008.12.18 -
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.17 -
PCTools 4.4.2.0 2008.12.17 -
[B]Prevx1 V2 2008.12.18 Cloaked Malware[/B]
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.18 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 22528 bytes
MD5...: 3f57bfc5720636570e8d6aebac6f207b
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File vqolquurbqr.dll received on 12.18.2008 08:28:36 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
AntiVir 7.9.0.45 2008.12.17 -
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.17 -
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
eSafe 7.0.17.0 2008.12.17 -
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
F-Secure 8.0.14332.0 2008.12.18 -
Fortinet 3.117.0.0 2008.12.18 -
GData 19 2008.12.18 -
Ikarus T3.1.1.45.0 2008.12.18 -
K7AntiVirus 7.10.556 2008.12.17 -
Kaspersky 7.0.0.125 2008.12.18 -
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.17 -
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
SecureWeb-Gateway 6.7.6 2008.12.18 -
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 384512 bytes
MD5...: 552c752e717efcd9bda0e75e59195c10
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File winhelp32.exe received on 12.18.2008 08:22:44 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
AntiVir 7.9.0.45 2008.12.17 -
[B]Authentium 5.1.0.4 2008.12.18 W32/NaviPromo.B.gen!Eldorado[/B]
Avast 4.8.1281.0 2008.12.17 -
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
[B]CAT-QuickHeal 10.00 2008.12.18 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
[B]eSafe 7.0.17.0 2008.12.17 Suspicious File[/B]
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
[B]F-Prot 4.4.4.56 2008.12.17 W32/NaviPromo.B.gen!Eldorado
F-Secure 8.0.14332.0 2008.12.18 Trojan-Dropper.Win32.Agent.abph
Fortinet 3.117.0.0 2008.12.18 W32/Agent.ABPH!tr[/B]
GData 19 2008.12.18 -
[B]Ikarus T3.1.1.45.0 2008.12.18 Trojan-Dropper.Agent[/B]
K7AntiVirus 7.10.556 2008.12.17 -
[B]Kaspersky 7.0.0.125 2008.12.18 Trojan-Dropper.Win32.Agent.abph[/B]
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
[B]Panda 9.0.0.4 2008.12.18 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
SecureWeb-Gateway 6.7.6 2008.12.18 -
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 359944 bytes
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File tdll.dll received on 12.18.2008 08:22:30 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2008.12.18 -
[B]Avast 4.8.1281.0 2008.12.17 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.199 2008.12.17 -
[B]BitDefender 7.2 2008.12.18 Trojan.Inject.IA[/B]
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
[B]eSafe 7.0.17.0 2008.12.17 Suspicious File[/B]
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
[B]F-Secure 8.0.14332.0 2008.12.18 Trojan.Win32.Inject.lmo[/B]
Fortinet 3.117.0.0 2008.12.18 -
[B]GData 19 2008.12.18 Trojan.Inject.IA
Ikarus T3.1.1.45.0 2008.12.18 Spammer[/B]
K7AntiVirus 7.10.556 2008.12.17 -
[B]Kaspersky 7.0.0.125 2008.12.18 Trojan.Win32.Inject.lmo[/B]
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
[B]Microsoft 1.4205 2008.12.18 Spammer:Win32/Cutwail.gen!B[/B]
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.18 -
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.18 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 67194 bytes
MD5...: d3a053084671cb4eb145b248aab4e7a3
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File vmmreg32.dll received on 12.18.2008 08:22:13 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Drop.Agent.abph[/B]
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.17 -
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
[B]eSafe 7.0.17.0 2008.12.17 Suspicious File[/B]
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
[B]F-Secure 8.0.14332.0 2008.12.18 Trojan-Dropper.Win32.Agent.abph
Fortinet 3.117.0.0 2008.12.18 W32/Agent.ABPH!tr[/B]
GData 19 2008.12.18 -
[B]Ikarus T3.1.1.45.0 2008.12.18 Trojan-Dropper.Agent[/B]
K7AntiVirus 7.10.556 2008.12.17 -
[B]Kaspersky 7.0.0.125 2008.12.18 Trojan-Dropper.Win32.Agent.abph[/B]
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
[B]Panda 9.0.0.4 2008.12.17 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.18 Trojan.Drop.Agent.abph[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 219144 bytes
MD5...: 0f06783162341a6f3fe0fba25f310215
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File vmi386.sys received on 12.18.2008 08:21:22 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.18 -
[B]Avast 4.8.1281.0 2008.12.17 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
[B]DrWeb 4.44.0.09170 2008.12.17 Trojan.Packed.1228[/B]
eSafe 7.0.17.0 2008.12.17 -
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
[B]F-Secure 8.0.14332.0 2008.12.18 Trojan.Win32.Pakes.mfj[/B]
Fortinet 3.117.0.0 2008.12.18 -
[B]GData 19 2008.12.18 Win32:Trojan-gen {Other}
Ikarus T3.1.1.45.0 2008.12.18 Trojan.Win32.Pakes[/B]
K7AntiVirus 7.10.556 2008.12.17 -
[B]Kaspersky 7.0.0.125 2008.12.18 Trojan.Win32.Pakes.mfj[/B]
McAfee 5467 2008.12.17 -
[B]McAfee+Artemis 5467 2008.12.17 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.18 -
PCTools 4.4.2.0 2008.12.17 -
[B]Prevx1 V2 2008.12.18 Malicious Software[/B]
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.18 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 72736 bytes
MD5...: 09e2f34eb7b0872159ba3fe16b23145f
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File VIDEO.sys received on 12.18.2008 08:21:58 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.17.3 2008.12.18 -
[B]AntiVir 7.9.0.45 2008.12.17 TR/PSW.Agent.lii[/B]
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.17 -
AVG 8.0.0.199 2008.12.17 -
BitDefender 7.2 2008.12.18 -
CAT-QuickHeal 10.00 2008.12.18 -
ClamAV 0.94.1 2008.12.18 -
Comodo 771 2008.12.17 -
DrWeb 4.44.0.09170 2008.12.17 -
eSafe 7.0.17.0 2008.12.17 -
eTrust-Vet 31.6.6266 2008.12.18 -
Ewido 4.0 2008.12.17 -
F-Prot 4.4.4.56 2008.12.17 -
[B]F-Secure 8.0.14332.0 2008.12.18 Trojan-PSW.Win32.Agent.lii
Fortinet 3.117.0.0 2008.12.18 W32/Agent.LII!tr.pws[/B]
GData 19 2008.12.18 -
[B]Ikarus T3.1.1.45.0 2008.12.18 Trojan-PWS.Win32.Agent[/B]
K7AntiVirus 7.10.556 2008.12.17 -
[B]Kaspersky 7.0.0.125 2008.12.18 Trojan-PSW.Win32.Agent.lii[/B]
McAfee 5467 2008.12.17 -
McAfee+Artemis 5467 2008.12.17 -
Microsoft 1.4205 2008.12.18 -
NOD32 3700 2008.12.17 -
Norman 5.80.02 2008.12.17 -
Panda 9.0.0.4 2008.12.18 -
PCTools 4.4.2.0 2008.12.17 -
Prevx1 V2 2008.12.18 -
Rising 21.08.30.00 2008.12.18 -
[B]SecureWeb-Gateway 6.7.6 2008.12.18 Trojan.PSW.Agent.lii[/B]
Sophos 4.37.0 2008.12.18 -
Sunbelt 3.2.1801.2 2008.12.10 -
Symantec 10 2008.12.18 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.18 -
VBA32 3.12.8.10 2008.12.17 -
ViRobot 2008.12.18.1524 2008.12.18 -
VirusBuster 4.5.11.0 2008.12.17 -[/CODE]
Additional information
File size: 28416 bytes
MD5...: f41dde69903b4a1279e8e52308f41339
-
File disc32.dll received on 12.19.2008 08:24:01 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.19.0 2008.12.19 -
AntiVir 7.9.0.45 2008.12.19 -
[B]Authentium 5.1.0.4 2008.12.18 W32/Heuristic-VFM!Eldorado[/B]
Avast 4.8.1281.0 2008.12.18 -
AVG 8.0.0.199 2008.12.18 -
BitDefender 7.2 2008.12.19 -
CAT-QuickHeal 10.00 2008.12.19 -
ClamAV 0.94.1 2008.12.18 -
Comodo 780 2008.12.19 -
DrWeb 4.44.0.09170 2008.12.18 -
[B]eSafe 7.0.17.0 2008.12.18 Suspicious File[/B]
eTrust-Vet 31.6.6268 2008.12.18 -
Ewido 4.0 2008.12.18 -
[B]F-Prot 4.4.4.56 2008.12.18 W32/Heuristic-VFM!Eldorado
F-Secure 8.0.14332.0 2008.12.19 Worm.Win32.AutoRun.uwl[/B]
Fortinet 3.117.0.0 2008.12.19 -
GData 19 2008.12.19 -
[B]Ikarus T3.1.1.45.0 2008.12.19 Backdoor.Win32.Bandok[/B]
K7AntiVirus 7.10.557 2008.12.18 -
[B]Kaspersky 7.0.0.125 2008.12.19 Worm.Win32.AutoRun.uwl[/B]
McAfee 5468 2008.12.18 -
McAfee+Artemis 5468 2008.12.18 -
Microsoft 1.4205 2008.12.19 -
NOD32 3704 2008.12.18 -
Norman 5.80.02 2008.12.18 -
Panda 9.0.0.4 2008.12.19 -
PCTools 4.4.2.0 2008.12.18 -
Prevx1 V2 2008.12.19 -
Rising 21.08.40.00 2008.12.19 -
[B]SecureWeb-Gateway 6.7.6 2008.12.19 Win32.Malware.gen#UPX (suspicious)[/B]
Sophos 4.37.0 2008.12.19 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.19 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.19 -
VBA32 3.12.8.10 2008.12.18 -
ViRobot 2008.12.18.1526 2008.12.19 -
VirusBuster 4.5.11.0 2008.12.18 -[/CODE]
Additional information
File size: 14336 bytes
MD5...: c93c8279540aed5051d85b94d95b855d
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File winlogon.exe received on 12.19.2008 08:50:29 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.19.0 2008.12.19 -
AntiVir 7.9.0.45 2008.12.19 -
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.18 -
AVG 8.0.0.199 2008.12.18 -
BitDefender 7.2 2008.12.19 -
CAT-QuickHeal 10.00 2008.12.19 -
ClamAV 0.94.1 2008.12.18 -
Comodo 780 2008.12.19 -
DrWeb 4.44.0.09170 2008.12.18 -
eSafe 7.0.17.0 2008.12.18 -
eTrust-Vet 31.6.6268 2008.12.18 -
Ewido 4.0 2008.12.18 -
F-Prot 4.4.4.56 2008.12.18 -
F-Secure 8.0.14332.0 2008.12.19 -
Fortinet 3.117.0.0 2008.12.19 -
GData 19 2008.12.19 -
Ikarus T3.1.1.45.0 2008.12.19 -
K7AntiVirus 7.10.557 2008.12.18 -
[B]Kaspersky 7.0.0.125 2008.12.19 Trojan-Proxy.Win32.Delf.ki
McAfee 5468 2008.12.18 New Malware.gr
McAfee+Artemis 5468 2008.12.18 New Malware.gr[/B]
Microsoft 1.4205 2008.12.19 -
NOD32 3704 2008.12.18 -
Norman 5.80.02 2008.12.18 -
[B]Panda 9.0.0.4 2008.12.19 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.18 -
[B]Prevx1 V2 2008.12.19 Malicious Software[/B]
Rising 21.08.40.00 2008.12.19 -
SecureWeb-Gateway 6.7.6 2008.12.19 -
Sophos 4.37.0 2008.12.19 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.19 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.19 -
VBA32 3.12.8.10 2008.12.18 -
ViRobot 2008.12.18.1526 2008.12.19 -
VirusBuster 4.5.11.0 2008.12.18 -[/CODE]
Additional information
File size: 712704 bytes
MD5...: dcac5a14860babc1d3ed514b73467a68
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File xxyxVlJd.dll received on 12.19.2008 09:04:13 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.19.0 2008.12.19 -
[B]AntiVir 7.9.0.45 2008.12.19 TR/Vundo.Gen.6.23[/B]
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.18 -
[B]AVG 8.0.0.199 2008.12.18 Vundo.CK
BitDefender 7.2 2008.12.19 Trojan.Vundo.Gen.6[/B]
CAT-QuickHeal 10.00 2008.12.19 -
ClamAV 0.94.1 2008.12.18 -
Comodo 780 2008.12.19 -
[B]DrWeb 4.44.0.09170 2008.12.18 Trojan.Virtumod.855[/B]
eSafe 7.0.17.0 2008.12.18 -
[B]eTrust-Vet 31.6.6268 2008.12.18 Win32/Vundo!generic[/B]
Ewido 4.0 2008.12.18 -
[B]F-Prot 4.4.4.56 2008.12.18 W32/Virtumonde.AC.gen!Eldorado
F-Secure 8.0.14332.0 2008.12.19 Trojan:W32/Vundo.EL[/B]
Fortinet 3.117.0.0 2008.12.19 -
[B]GData 19 2008.12.19 Trojan.Vundo.Gen.6[/B]
Ikarus T3.1.1.45.0 2008.12.19 -
K7AntiVirus 7.10.557 2008.12.18 -
Kaspersky 7.0.0.125 2008.12.19 -
McAfee 5468 2008.12.18 -
McAfee+Artemis 5468 2008.12.18 -
[B]Microsoft 1.4205 2008.12.19 Trojan:Win32/Vundo.gen!R
NOD32 3704 2008.12.18 Win32/Adware.Virtumonde.FP[/B]
Norman 5.80.02 2008.12.18 -
Panda 9.0.0.4 2008.12.19 -
PCTools 4.4.2.0 2008.12.18 -
Prevx1 V2 2008.12.19 -
[B]Rising 21.08.41.00 2008.12.19 Trojan.Win32.VUNDO.cbw
SecureWeb-Gateway 6.7.6 2008.12.19 Trojan.Vundo.Gen.6.23[/B]
Sophos 4.37.0 2008.12.19 -
Sunbelt 3.2.1801.2 2008.12.11 -
[B]Symantec 10 2008.12.19 Packed.Generic.203[/B]
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.19 -
VBA32 3.12.8.10 2008.12.18 -
ViRobot 2008.12.18.1526 2008.12.19 -
VirusBuster 4.5.11.0 2008.12.18 -[/CODE]
Additional information
File size: 235520 bytes
MD5...: 0970f7b9d3927f6b93c8ceb1312a00f8
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File winscenter.exe received on 12.19.2008 09:22:23 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.19.0 2008.12.19 -
AntiVir 7.9.0.45 2008.12.19 -
Authentium 5.1.0.4 2008.12.18 -
Avast 4.8.1281.0 2008.12.18 -
[B]AVG 8.0.0.199 2008.12.18 Win32/Cryptor[/B]
BitDefender 7.2 2008.12.19 -
[B]CAT-QuickHeal 10.00 2008.12.19 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.18 -
Comodo 780 2008.12.19 -
DrWeb 4.44.0.09170 2008.12.18 -
eSafe 7.0.17.0 2008.12.18 -
eTrust-Vet 31.6.6268 2008.12.18 -
Ewido 4.0 2008.12.18 -
F-Prot 4.4.4.56 2008.12.18 -
F-Secure 8.0.14332.0 2008.12.19 -
Fortinet 3.117.0.0 2008.12.19 -
GData 19 2008.12.19 -
[B]Ikarus T3.1.1.45.0 2008.12.19 Rootkit.Win32.TDSS[/B]
K7AntiVirus 7.10.557 2008.12.18 -
Kaspersky 7.0.0.125 2008.12.19 -
McAfee 5468 2008.12.18 -
[B]McAfee+Artemis 5468 2008.12.18 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.19 -
NOD32 3704 2008.12.18 -
Norman 5.80.02 2008.12.18 -
Panda 9.0.0.4 2008.12.19 -
PCTools 4.4.2.0 2008.12.18 -
[B]Prevx1 V2 2008.12.19 Malicious Software[/B]
Rising 21.08.41.00 2008.12.19 -
SecureWeb-Gateway 6.7.6 2008.12.19 -
[B]Sophos 4.37.0 2008.12.19 Mal/EncPk-CZ[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.19 -
TheHacker 6.3.1.4.191 2008.12.17 -
[B]TrendMicro 8.700.0.1004 2008.12.19 TROJ_FAKEAV.AEA[/B]
VBA32 3.12.8.10 2008.12.18 -
ViRobot 2008.12.18.1526 2008.12.19 -
VirusBuster 4.5.11.0 2008.12.18 -[/CODE]
Additional information
File size: 384512 bytes
MD5...: a69de673a56ee3c21f40f3775ea05842
[size="1"][color="#666686"][B][I]Added 5 minutes later[/I][/B][/color][/size]
File kqozsbo.sys received on 12.19.2008 09:48:59 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.19.0 2008.12.19 -
[B]AntiVir 7.9.0.45 2008.12.19 TR/Rootkit.Gen[/B]
Authentium 5.1.0.4 2008.12.18 -
[B]Avast 4.8.1281.0 2008.12.18 Win32:Rootkit-gen
AVG 8.0.0.199 2008.12.18 DDoS.K[/B]
BitDefender 7.2 2008.12.19 -
CAT-QuickHeal 10.00 2008.12.19 -
ClamAV 0.94.1 2008.12.18 -
Comodo 780 2008.12.19 -
DrWeb 4.44.0.09170 2008.12.19 -
eSafe 7.0.17.0 2008.12.18 -
eTrust-Vet 31.6.6268 2008.12.18 -
Ewido 4.0 2008.12.18 -
F-Prot 4.4.4.56 2008.12.18 -
F-Secure 8.0.14332.0 2008.12.19 -
Fortinet 3.117.0.0 2008.12.19 -
[B]GData 19 2008.12.19 Win32:Rootkit-gen[/B]
Ikarus T3.1.1.45.0 2008.12.19 -
K7AntiVirus 7.10.557 2008.12.18 -
Kaspersky 7.0.0.125 2008.12.19 -
McAfee 5468 2008.12.18 -
McAfee+Artemis 5468 2008.12.18 -
[B]Microsoft 1.4205 2008.12.19 Backdoor:WinNT/Rustock.H[/B]
NOD32 3704 2008.12.18 -
Norman 5.80.02 2008.12.18 -
Panda 9.0.0.4 2008.12.19 -
PCTools 4.4.2.0 2008.12.18 -
Prevx1 V2 2008.12.19 -
Rising 21.08.41.00 2008.12.19 -
[B]SecureWeb-Gateway 6.7.6 2008.12.19 Trojan.Rootkit.Gen[/B]
Sophos 4.37.0 2008.12.19 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.19 -
TheHacker 6.3.1.4.191 2008.12.17 -
TrendMicro 8.700.0.1004 2008.12.19 -
VBA32 3.12.8.10 2008.12.18 -
ViRobot 2008.12.18.1526 2008.12.19 -
VirusBuster 4.5.11.0 2008.12.18 -[/CODE]
Additional information
File size: 30848 bytes
MD5...: 78f59cf8d0d936d24a3b5af5c16114e5
-
from what was freshly sent in (t=36108)
File tpszxyd.sys received on 12.22.2008 15:17:37 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.22 -
AntiVir 7.9.0.45 2008.12.22 -
Authentium 5.1.0.4 2008.12.22 -
[B]Avast 4.8.1281.0 2008.12.21 Win32:Refpron-C
AVG 8.0.0.199 2008.12.22 Agent.4.E[/B]
BitDefender 7.2 2008.12.22 -
CAT-QuickHeal 10.00 2008.12.22 -
ClamAV 0.94.1 2008.12.22 -
Comodo 793 2008.12.21 -
DrWeb 4.44.0.09170 2008.12.22 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6271 2008.12.20 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
[B]F-Secure 8.0.14332.0 2008.12.22 Suspicious:W32/DVBBS.c!Gemini[/B]
Fortinet 3.117.0.0 2008.12.22 -
[B]GData 19 2008.12.22 Win32:Refpron-C
Ikarus T3.1.1.45.0 2008.12.22 Virus.Win32.DNSChanger.XR[/B]
K7AntiVirus 7.10.562 2008.12.22 -
Kaspersky 7.0.0.125 2008.12.22 -
McAfee 5471 2008.12.21 -
McAfee+Artemis 5471 2008.12.21 -
[B]Microsoft 1.4205 2008.12.22 Backdoor:Win32/Refpron.I[/B]
NOD32 3710 2008.12.22 -
Norman 5.80.02 2008.12.22 -
Panda 9.0.0.4 2008.12.21 -
PCTools 4.4.2.0 2008.12.22 -
[B]Prevx1 V2 2008.12.22 Cloaked Malware[/B]
Rising 21.09.02.00 2008.12.22 -
SecureWeb-Gateway 6.7.6 2008.12.22 -
Sophos 4.37.0 2008.12.22 -
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.22 -
TheHacker 6.3.1.4.195 2008.12.20 -
[B]TrendMicro 8.700.0.1004 2008.12.22 TROJ_REFPRON.E[/B]
VBA32 3.12.8.10 2008.12.21 -
ViRobot 2008.12.22.1530 2008.12.22 -
VirusBuster 4.5.11.0 2008.12.21 -[/CODE]
Additional information
File size: 263168 bytes
MD5...: dd69d2f9d2d1709c286cb5fa6ef0ca8f
File system32\reminst\smss.exe received on 12.22.2008 15:17:50 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.22 -
[B]AntiVir 7.9.0.45 2008.12.22 HEUR/Malware[/B]
Authentium 5.1.0.4 2008.12.22 -
Avast 4.8.1281.0 2008.12.21 -
AVG 8.0.0.199 2008.12.22 -
[B]BitDefender 7.2 2008.12.22 DeepScan:Generic.Malware.dld!!.98AD12A5
CAT-QuickHeal 10.00 2008.12.22 Win32.Backdoor.PcClient.ZA.3[/B]
ClamAV 0.94.1 2008.12.22 -
Comodo 793 2008.12.21 -
DrWeb 4.44.0.09170 2008.12.22 -
[B]eSafe 7.0.17.0 2008.12.21 Suspicious File[/B]
eTrust-Vet 31.6.6271 2008.12.20 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
F-Secure 8.0.14332.0 2008.12.22 -
Fortinet 3.117.0.0 2008.12.22 -
[B]GData 19 2008.12.22 DeepScan:Generic.Malware.dld!!.98AD12A5[/B]
Ikarus T3.1.1.45.0 2008.12.22 -
K7AntiVirus 7.10.562 2008.12.22 -
Kaspersky 7.0.0.125 2008.12.22 -
[B]McAfee 5471 2008.12.21 New Malware.ac
McAfee+Artemis 5471 2008.12.21 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.22 -
NOD32 3710 2008.12.22 -
Norman 5.80.02 2008.12.22 -
[B]Panda 9.0.0.4 2008.12.21 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.22 -
Rising 21.09.02.00 2008.12.22 -
[B]SecureWeb-Gateway 6.7.6 2008.12.22 Heuristic.Malware
Sophos 4.37.0 2008.12.22 Sus/Behav-1005[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
[B]Symantec 10 2008.12.22 Downloader[/B]
TheHacker 6.3.1.4.195 2008.12.20 -
[B]TrendMicro 8.700.0.1004 2008.12.22 PAK_Generic.001[/B]
VBA32 3.12.8.10 2008.12.21 -
ViRobot 2008.12.22.1530 2008.12.22 -
VirusBuster 4.5.11.0 2008.12.21 -[/CODE]
Additional information
File size: 6144 bytes
MD5...: 282e012b74885150185048920b5f4f51
File system32\reminst\csrss.exe received on 12.22.2008 15:23:51 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.22 -
AntiVir 7.9.0.45 2008.12.22 -
[B]Authentium 5.1.0.4 2008.12.22 W32/new-malware!Maximus[/B]
Avast 4.8.1281.0 2008.12.21 -
AVG 8.0.0.199 2008.12.22 -
BitDefender 7.2 2008.12.22 -
[B]CAT-QuickHeal 10.00 2008.12.22 Trojan.Siveras.e[/B]
ClamAV 0.94.1 2008.12.22 -
Comodo 793 2008.12.21 -
[B]DrWeb 4.44.0.09170 2008.12.22 Trojan.DownLoad.25792
eSafe 7.0.17.0 2008.12.21 Suspicious File[/B]
eTrust-Vet 31.6.6271 2008.12.20 -
Ewido 4.0 2008.12.22 -
[B]F-Prot 4.4.4.56 2008.12.22 W32/new-malware!Maximus[/B]
F-Secure 8.0.14332.0 2008.12.22 -
Fortinet 3.117.0.0 2008.12.22 -
GData 19 2008.12.22 -
[B]Ikarus T3.1.1.45.0 2008.12.22 Trojan.Buzus.iij[/B]
K7AntiVirus 7.10.562 2008.12.22 -
Kaspersky 7.0.0.125 2008.12.22 -
McAfee 5471 2008.12.21 -
McAfee+Artemis 5471 2008.12.21 -
[B]Microsoft 1.4205 2008.12.22 Exploit:Win32/Siveras.E[/B]
NOD32 3710 2008.12.22 -
Norman 5.80.02 2008.12.22 -
[B]Panda 9.0.0.4 2008.12.21 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.22 -
Rising 21.09.02.00 2008.12.22 -
[B]SecureWeb-Gateway 6.7.6 2008.12.22 Trojan.Downloader.Win32.Malware.gen (suspicious)[/B]
Sophos 4.37.0 2008.12.22 -
[B]Sunbelt 3.2.1801.2 2008.12.11 VIPRE.Suspicious[/B]
Symantec 10 2008.12.22 -
TheHacker 6.3.1.4.195 2008.12.20 -
[B]TrendMicro 8.700.0.1004 2008.12.22 PAK_Generic.001[/B]
VBA32 3.12.8.10 2008.12.21 -
ViRobot 2008.12.22.1530 2008.12.22 -
VirusBuster 4.5.11.0 2008.12.21 -[/CODE]
Additional information
File size: 43520 bytes
MD5...: f7fcc33c6cf1ae3d006f9f5e41929f71
File temp\0002.exe received on 12.22.2008 15:18:02 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.22 -
[B]AntiVir 7.9.0.45 2008.12.22 TR/ATRAPS.Gen[/B]
Authentium 5.1.0.4 2008.12.22 -
Avast 4.8.1281.0 2008.12.21 -
[B]AVG 8.0.0.199 2008.12.22 Dropper.Bravix[/B]
BitDefender 7.2 2008.12.22 -
[B]CAT-QuickHeal 10.00 2008.12.22 Win32.PWS.Gamania.gen!D.8[/B]
ClamAV 0.94.1 2008.12.22 -
Comodo 793 2008.12.21 -
DrWeb 4.44.0.09170 2008.12.22 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6271 2008.12.20 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
[B]F-Secure 8.0.14332.0 2008.12.22 Suspicious:W32/Malware!Gemini[/B]
Fortinet 3.117.0.0 2008.12.22 -
GData 19 2008.12.22 -
Ikarus T3.1.1.45.0 2008.12.22 -
K7AntiVirus 7.10.562 2008.12.22 -
Kaspersky 7.0.0.125 2008.12.22 -
McAfee 5471 2008.12.21 -
McAfee+Artemis 5471 2008.12.21 -
[B]Microsoft 1.4205 2008.12.22 Trojan:Win32/Adpclient[/B]
NOD32 3710 2008.12.22 -
Norman 5.80.02 2008.12.22 -
[B]Panda 9.0.0.4 2008.12.21 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.22 -
Rising 21.09.02.00 2008.12.22 -
[B]SecureWeb-Gateway 6.7.6 2008.12.22 Trojan.ATRAPS.Gen
Sophos 4.37.0 2008.12.22 Troj/Sacom-Gen[/B]
Sunbelt 3.2.1801.2 2008.12.11 -
Symantec 10 2008.12.22 -
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.22 -
[B]VBA32 3.12.8.10 2008.12.21 suspected of Win32 Shadow Driver Install[/B]
ViRobot 2008.12.22.1530 2008.12.22 -
VirusBuster 4.5.11.0 2008.12.21 -[/CODE]
Additional information
File size: 60928 bytes
MD5...: 35cd63388a75d9369b241eb19901f02b
-
arrived today via ICQ
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 Win-Trojan/LdPinch.41984.AH
AntiVir 7.9.0.45 2008.12.22 TR/Spy.Gen
Authentium 5.1.0.4 2008.12.23 W32/LdPinch.A.gen!Eldorado
Avast 4.8.1281.0 2008.12.23 Win32:LdPinch-CYW
AVG 8.0.0.199 2008.12.22 PSW.Ldpinch.OLX
BitDefender 7.2 2008.12.23 Trojan.PWS.LdPinch.TPC
[B]CAT-QuickHeal 10.00 2008.12.23 -[/B]
ClamAV 0.94.1 2008.12.22 Trojan.LdPinch-1592
Comodo 800 2008.12.22 TrojWare.Win32.PSW.Ldpinch.~TE
DrWeb 4.44.0.09170 2008.12.22 Trojan.PWS.LDPinch.4182
[B]eSafe 7.0.17.0 2008.12.21 -[/B]
eTrust-Vet 31.6.6271 2008.12.20 Win32/Yurist.DD
Ewido 4.0 2008.12.22 Trojan.LdPinch.cdz
F-Prot 4.4.4.56 2008.12.22 W32/LdPinch.A.gen!Eldorado
F-Secure 8.0.14332.0 2008.12.23 Trojan-PSW.Win32.LdPinch.dis
Fortinet 3.117.0.0 2008.12.23 W32/LdPinch.BYX!tr.pws
GData 19 2008.12.23 Trojan.PWS.LdPinch.TPC
Ikarus T3.1.1.45.0 2008.12.23 Trojan-PWS.Win32.LdPinch
K7AntiVirus 7.10.562 2008.12.22 Trojan-PSW.Win32.LdPinch.cds
Kaspersky 7.0.0.125 2008.12.23 Trojan-PSW.Win32.LdPinch.dis
[B]McAfee 5472 2008.12.22 -[/B]
[COLOR="Red"]McAfee+Artemis 5472 2008.12.22 Generic!Artemis[/COLOR]
Microsoft 1.4205 2008.12.22 PWS:Win32/Ldpinch.gen
NOD32 3712 2008.12.22 a variant of Win32/PSW.LdPinch.NEL
Norman 5.80.02 2008.12.22 LdPinch.gen1
Panda 9.0.0.4 2008.12.22 Trj/Ldpinch.APF
PCTools 4.4.2.0 2008.12.22 Trojan.PWS.LdPinch.CCL
Prevx1 V2 2008.12.23 Malicious Software
Rising 21.09.10.00 2008.12.23 Trojan.PSW.Win32.LdPinch.cds
SecureWeb-Gateway 6.7.6 2008.12.22 Trojan.Spy.Gen
Sophos 4.37.0 2008.12.23 Troj/LDPinch-RG
Sunbelt 3.2.1809.2 2008.12.22 BehavesLike.Win32.Malware (v)
Symantec 10 2008.12.23 Infostealer.Ldpinch
[B]TheHacker 6.3.1.4.195 2008.12.20 -[/B]
TrendMicro 8.700.0.1004 2008.12.23 TROJ_LDPINCH.BB
VBA32 3.12.8.10 2008.12.22 Trojan.Win32.Agent.tpa
ViRobot 2008.12.23.1531 2008.12.23 Trojan.Win32.PSWLdPinch.41984.F
VirusBuster 4.5.11.0 2008.12.22 Trojan.PWS.LdPinch.CCL
[/CODE]
-
File userinit.exe received on 12.23.2008 07:06:54 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 -
[B]AntiVir 7.9.0.45 2008.12.22 TR/Spy.ZBot.DAB.2[/B]
Authentium 5.1.0.4 2008.12.23 -
Avast 4.8.1281.0 2008.12.23 -
[B]AVG 8.0.0.199 2008.12.22 SHeur2.GNW[/B]
BitDefender 7.2 2008.12.23 -
CAT-QuickHeal 10.00 2008.12.23 -
ClamAV 0.94.1 2008.12.22 -
Comodo 800 2008.12.22 -
DrWeb 4.44.0.09170 2008.12.22 -
[B]eSafe 7.0.17.0 2008.12.21 Suspicious File[/B]
eTrust-Vet 31.6.6274 2008.12.22 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
F-Secure 8.0.14332.0 2008.12.23 -
Fortinet 3.117.0.0 2008.12.23 -
GData 19 2008.12.23 -
Ikarus T3.1.1.45.0 2008.12.23 -
[B]K7AntiVirus 7.10.562 2008.12.22 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2008.12.23 -
McAfee 5472 2008.12.22 -
[B]McAfee+Artemis 5472 2008.12.22 Generic!Artemis
Microsoft 1.4205 2008.12.22 VirTool:Win32/Obfuscator.CW
NOD32 3712 2008.12.22 a variant of Win32/Kryptik.DK[/B]
Norman 5.80.02 2008.12.22 -
Panda 9.0.0.4 2008.12.22 -
PCTools 4.4.2.0 2008.12.22 -
Rising 21.09.10.00 2008.12.23 -
SecureWeb-Gateway 6.7.6 2008.12.23 -
Sophos 4.37.0 2008.12.23 -
Sunbelt 3.2.1809.2 2008.12.22 -
[B]Symantec 10 2008.12.23 Infostealer[/B]
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.23 -
[B]VBA32 3.12.8.10 2008.12.22 suspected of Malware-Cryptor.Win32.General.4[/B]
ViRobot 2008.12.23.1531 2008.12.23 -
VirusBuster 4.5.11.0 2008.12.22 -[/CODE]
Additional information
File size: 74240 bytes
MD5...: 18789d6b2155e4755feb98b5629babb7
SHA1..: 1e76a4b48299639cd6e2794ef4717876d66f0055
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File im.exe received on 12.23.2008 07:14:51 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 -
[B]AntiVir 7.9.0.45 2008.12.22 TR/Crypt.CFI.Gen
Authentium 5.1.0.4 2008.12.23 W32/VB-Backdoor-PSVR-based!Maximus[/B]
Avast 4.8.1281.0 2008.12.23 -
AVG 8.0.0.199 2008.12.22 -
BitDefender 7.2 2008.12.23 -
CAT-QuickHeal 10.00 2008.12.23 -
ClamAV 0.94.1 2008.12.22 -
Comodo 800 2008.12.22 -
DrWeb 4.44.0.09170 2008.12.22 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6271 2008.12.20 -
Ewido 4.0 2008.12.22 -
[B]F-Prot 4.4.4.56 2008.12.22 W32/VB-Backdoor-PSVR-based!Maximus[/B]
F-Secure 8.0.14332.0 2008.12.23 -
Fortinet 3.117.0.0 2008.12.23 -
GData 19 2008.12.23 -
[B]Ikarus T3.1.1.45.0 2008.12.23 not-a-virus:AdTool.Win32.VB.a[/B]
K7AntiVirus 7.10.562 2008.12.22 -
Kaspersky 7.0.0.125 2008.12.23 -
McAfee 5472 2008.12.22 -
[B]McAfee+Artemis 5472 2008.12.22 Generic!Artemis[/B]
Microsoft 1.4205 2008.12.22 -
NOD32 3712 2008.12.22 -
Norman 5.80.02 2008.12.22 -
Panda 9.0.0.4 2008.12.22 -
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.23 -
Rising 21.09.10.00 2008.12.23 -
[B]SecureWeb-Gateway 6.7.6 2008.12.23 Trojan.Crypt.CFI.Gen[/B]
Sophos 4.37.0 2008.12.23 -
[B]Sunbelt 3.2.1809.2 2008.12.22 Backdoor.Win32.VB.PSVR!cobra (v)[/B]
Symantec 10 2008.12.23 -
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.23 -
VBA32 3.12.8.10 2008.12.22 -
ViRobot 2008.12.23.1531 2008.12.23 -
VirusBuster 4.5.11.0 2008.12.22 -[/CODE]
Additional information
File size: 98304 bytes
MD5...: 26f25a5a029d118623f039398b1f7dee
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File twext.exe received on 12.23.2008 07:19:11 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 -
AntiVir 7.9.0.45 2008.12.22 -
Authentium 5.1.0.4 2008.12.23 -
[B]Avast 4.8.1281.0 2008.12.23 Win32:Zbot-AVH[/B]
AVG 8.0.0.199 2008.12.22 -
BitDefender 7.2 2008.12.23 -
CAT-QuickHeal 10.00 2008.12.23 -
ClamAV 0.94.1 2008.12.22 -
Comodo 800 2008.12.22 -
DrWeb 4.44.0.09170 2008.12.22 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6274 2008.12.22 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
[B]F-Secure 8.0.14332.0 2008.12.23 Trojan-Spy.Win32.Zbot.imd[/B]
Fortinet 3.117.0.0 2008.12.23 -
[B]GData 19 2008.12.23 Win32:Zbot-AVH[/B]
Ikarus T3.1.1.45.0 2008.12.23 -
K7AntiVirus 7.10.562 2008.12.22 -
[B]Kaspersky 7.0.0.125 2008.12.23 Trojan-Spy.Win32.Zbot.imd[/B]
McAfee 5472 2008.12.22 -
McAfee+Artemis 5472 2008.12.22 -
[B]Microsoft 1.4205 2008.12.22 TrojanSpy:Win32/Zbot.gen!C
NOD32 3712 2008.12.22 a variant of Win32/Kryptik.DB[/B]
Norman 5.80.02 2008.12.22 -
Panda 9.0.0.4 2008.12.22 -
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.23 -
Rising 21.09.10.00 2008.12.23 -
SecureWeb-Gateway 6.7.6 2008.12.23 -
[B]Sophos 4.37.0 2008.12.23 Mal/Zbot-H[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.23 -
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.23 -
VBA32 3.12.8.10 2008.12.22 -
ViRobot 2008.12.23.1531 2008.12.23 -
[B]VirusBuster 4.5.11.0 2008.12.22 TrojanSpy.ZBot.Gen!Pac.6[/B][/CODE]
Additional information
File size: 575488 bytes
MD5...: e1b79b469184ff37468af1e427500c4b
[size="1"][color="#666686"][B][I]Added 52 seconds later[/I][/B][/color][/size]
File PrivateContent.exe received on 12.23.2008 07:21:43 (CET)
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 -
AntiVir 7.9.0.45 2008.12.22 -
Authentium 5.1.0.4 2008.12.23 -
Avast 4.8.1281.0 2008.12.23 -
AVG 8.0.0.199 2008.12.22 -
BitDefender 7.2 2008.12.23 -
CAT-QuickHeal 10.00 2008.12.23 -
ClamAV 0.94.1 2008.12.22 -
Comodo 800 2008.12.22 -
DrWeb 4.44.0.09170 2008.12.22 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6274 2008.12.22 -
Ewido 4.0 2008.12.22 -
F-Prot 4.4.4.56 2008.12.22 -
[B]F-Secure 8.0.14332.0 2008.12.23 AdWare.Win32.Cinmus.aiyf[/B]
Fortinet 3.117.0.0 2008.12.23 -
GData 19 2008.12.23 -
Ikarus T3.1.1.45.0 2008.12.23 -
K7AntiVirus 7.10.562 2008.12.22 -
[B]Kaspersky 7.0.0.125 2008.12.23 not-a-virus:AdWare.Win32.Cinmus.aiyf[/B]
McAfee 5472 2008.12.22 -
McAfee+Artemis 5472 2008.12.22 -
Microsoft 1.4205 2008.12.22 -
NOD32 3712 2008.12.22 -
Norman 5.80.02 2008.12.22 -
Panda 9.0.0.4 2008.12.22 -
PCTools 4.4.2.0 2008.12.22 -
Prevx1 V2 2008.12.23 -
Rising 21.09.10.00 2008.12.23 -
SecureWeb-Gateway 6.7.6 2008.12.23 -
Sophos 4.37.0 2008.12.23 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.23 -
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.23 -
VBA32 3.12.8.10 2008.12.22 -
ViRobot 2008.12.23.1531 2008.12.23 -
VirusBuster 4.5.11.0 2008.12.22 -[/CODE]
Additional information
File size: 88576 bytes
MD5...: 1bbde9abaf1f459143de6844db9ed624
-
File 49c4f4f6.eml received on 2008.12.23 15:30:54 (CET)
Current status: finished
Result: 4/38 (10.53%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2008.12.22.0 2008.12.23 -
[B]AntiVir 7.9.0.45 2008.12.23 HEUR/HTML.Malware[/B]
Authentium 5.1.0.4 2008.12.23 -
Avast 4.8.1281.0 2008.12.23 -
AVG 8.0.0.199 2008.12.22 -
BitDefender 7.2 2008.12.23 -
CAT-QuickHeal 10.00 2008.12.23 -
[B]ClamAV 0.94.1 2008.12.23 Phishing.Heuristics.Email.SpoofedDomain[/B]
Comodo 804 2008.12.23 -
DrWeb 4.44.0.09170 2008.12.23 -
eSafe 7.0.17.0 2008.12.21 -
eTrust-Vet 31.6.6274 2008.12.22 -
Ewido 4.0 2008.12.23 -
F-Prot 4.4.4.56 2008.12.23 -
[B]F-Secure 8.0.14332.0 2008.12.23 Trojan-Spy.HTML.Fraud.gen[/B]
Fortinet 3.117.0.0 2008.12.23 -
GData 19 2008.12.23 -
Ikarus T3.1.1.45.0 2008.12.23 -
K7AntiVirus 7.10.563 2008.12.23 -
[B]Kaspersky 7.0.0.125 2008.12.23 Trojan-Spy.HTML.Fraud.gen[/B]
McAfee 5472 2008.12.22 -
McAfee+Artemis 5472 2008.12.22 -
Microsoft 1.4205 2008.12.23 -
NOD32 3713 2008.12.23 -
Norman 5.80.02 2008.12.23 -
Panda 9.0.0.4 2008.12.23 -
PCTools 4.4.2.0 2008.12.23 -
Prevx1 V2 2008.12.23 -
Rising 21.09.13.00 2008.12.23 -
SecureWeb-Gateway 6.7.6 2008.12.23 -
Sophos 4.37.0 2008.12.23 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.23 -
TheHacker 6.3.1.4.195 2008.12.20 -
TrendMicro 8.700.0.1004 2008.12.23 -
VBA32 3.12.8.10 2008.12.22 -
ViRobot 2008.12.23.1532 2008.12.23 -
VirusBuster 4.5.11.0 2008.12.23 -[/QUOTE]
Additional information
File size: 4113 bytes
MD5...: 35ab57faa44d9691baa991c2dec704f6
SHA1..: 8753bb9d81121ab07dfbc996c00ca51f838271de
SHA256: 78c274d4bc6fd7998184ee30ebccbb6448872cc9cfccd79bc90b8723f639d1d4
SHA512: ca7edaf312f97c7edfd443706d39c00c5fc4deea77a2ca86e0297a5a61e712c6
55bd2a6ccfc1c4735aa66001e07fa915f71ea860e5c739ec77149afdcbb6f23d
ssdeep: 48:SC/Ji2tmsNBxAM3T7WpL5AjNux0219IXMyxM8OX/1UKtjDUpICUAixkKHJktv
AnH:F5xF3G5uNux021yMDqEBN9gXq2EQLk
PEiD..: -
TrID..: File type identification
E-Mail message (Var. 1) (100.0%)
PEInfo: -
packers (F-Prot): qp
-
File qwe received on 12.24.2008 09:05:31 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.24 -
AhnLab-V3 2008.12.22.0 2008.12.24 -
[B]AntiVir 7.9.0.45 2008.12.24 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2008.12.24 -
Avast 4.8.1281.0 2008.12.23 -
AVG 8.0.0.199 2008.12.23 -
BitDefender 7.2 2008.12.24 -
CAT-QuickHeal 10.00 2008.12.24 -
ClamAV 0.94.1 2008.12.24 -
Comodo 804 2008.12.23 -
DrWeb 4.44.0.09170 2008.12.24 -
eSafe 7.0.17.0 2008.12.23 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.23 -
F-Prot 4.4.4.56 2008.12.24 -
F-Secure 8.0.14332.0 2008.12.24 -
Fortinet 3.117.0.0 2008.12.24 -
GData 19 2008.12.24 -
Ikarus T3.1.1.45.0 2008.12.24 -
K7AntiVirus 7.10.563 2008.12.23 -
Kaspersky 7.0.0.125 2008.12.24 -
McAfee 5473 2008.12.23 -
McAfee+Artemis 5473 2008.12.23 -
Microsoft 1.4205 2008.12.24 -
NOD32 3715 2008.12.24 -
Norman 5.80.02 2008.12.23 -
Panda 9.0.0.4 2008.12.23 -
PCTools 4.4.2.0 2008.12.23 -
[B]Prevx1 V2 2008.12.24 Cloaked Malware[/B]
Rising 21.09.21.00 2008.12.24 -
[B]SecureWeb-Gateway 6.7.6 2008.12.24 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2008.12.24 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.24 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.24 -
VBA32 3.12.8.10 2008.12.23 -
ViRobot 2008.12.24.1533 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.23 -[/CODE]
Additional information
File size: 22528 bytes
MD5...: 5ad1dc609b765c81a895a1fd42040b73
-
File 3.exe received on 12.24.2008 10:33:03 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.24 Trojan-PWS.Win32.QQPass!IK
AhnLab-V3 2008.12.22.0 2008.12.24 Packed/Upack[/B]
[B]AntiVir 7.9.0.45 2008.12.24 TR/ATRAPS.Gen
Authentium 5.1.0.4 2008.12.24 W32/Heuristic-210!Eldorado[/B]
Avast 4.8.1281.0 2008.12.23 -
AVG 8.0.0.199 2008.12.23 -
BitDefender 7.2 2008.12.24 -
[B]CAT-QuickHeal 10.00 2008.12.24 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.24 -
Comodo 804 2008.12.23 -
DrWeb 4.44.0.09170 2008.12.24 -
eSafe 7.0.17.0 2008.12.23 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.23 -
[B]F-Prot 4.4.4.56 2008.12.24 W32/Heuristic-210!Eldorado
F-Secure 8.0.14332.0 2008.12.24 W32/Packed_Upack.A[/B]
Fortinet 3.117.0.0 2008.12.24 -
GData 19 2008.12.24 -
[B]Ikarus T3.1.1.45.0 2008.12.24 Trojan-PWS.Win32.QQPass[/B]
K7AntiVirus 7.10.563 2008.12.23 -
Kaspersky 7.0.0.125 2008.12.24 -
[B]McAfee 5473 2008.12.23 New Malware.aj
McAfee+Artemis 5473 2008.12.23 New Malware.n
Microsoft 1.4205 2008.12.24 PWS:Win32/QQpass.AA
NOD32 3715 2008.12.24 a variant of Win32/PSW.Delf.NMX
Norman 5.80.02 2008.12.23 W32/Packed_Upack.A
Panda 9.0.0.4 2008.12.23 Suspicious file
PCTools 4.4.2.0 2008.12.23 Packed/Upack[/B]
Prevx1 V2 2008.12.24 -
[B]Rising 21.09.22.00 2008.12.24 Trojan.Win32.QQFish.w
SecureWeb-Gateway 6.7.6 2008.12.24 Trojan.ATRAPS.Gen
Sophos 4.37.0 2008.12.24 Sus/ComPack-C
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious[/B]
Symantec 10 2008.12.24 -
[B]TheHacker 6.3.1.4.199 2008.12.23 W32/Behav-Heuristic-060[/B]
[B]TrendMicro 8.700.0.1004 2008.12.24 PAK_Generic.006
VBA32 3.12.8.10 2008.12.23 Trojan-PSW.Win32.QQPass.efy[/B]
ViRobot 2008.12.24.1533 2008.12.24 -
[B]VirusBuster 4.5.11.0 2008.12.23 Packed/Upack[/B]
Additional information
File size: 48360 bytes
MD5...: 98ce99bb088c252d7d084f87ed2a500c
SHA1..: 70d9bcdefc0e1a23efea874a46e4d80800daf32a
SHA256: d6f414e798bde608b368d0c41aff41737c9b641b4b9a802fd717e1d2864fb9b6
SHA512: 8f0b0281c7e4614e31a345a428ae2e3764ef48c2306fea4f94e658645f695d44
13588dc16e2ad43974bf6ec9cdbc0e61644fe1bd5ec3260074570b3725098957
ssdeep: 768:uMVvp3w/gocWsGh+V4Aq4cEM/9UyIdkqezAS3COSec2KGr0LjVot0g62KRQY
:uMVvp3w/ghWbkq4NMiy6o6ic2KGrAotm
PEiD..: -
TrID..: File type identification
DOS Executable Generic (100.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x261018
timedatestamp.....: 0x2611b0be (Thu Mar 29 06:52:46 1990)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x69000 0x1f0 5.43 ce40f9782f141f111303501525d8de5e
_Y_ 0x6a000 0x13000 0xbae8 7.87 38e69c9cd23df97d12da107e6d2f4a34
__ 0x7d000 0x1000 0x1f0 5.43 ce40f9782f141f111303501525d8de5e
( 0 imports )
( 0 exports )
packers (Authentium): UPack
packers (Kaspersky): PE_Patch, UPack
packers (F-Prot): UPack
[/CODE]
File 0001.exe received on 12.24.2008 10:34:51 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.24 Backdoor.Bifrose!IK[/B]
AhnLab-V3 2008.12.22.0 2008.12.24 -
[B]AntiVir 7.9.0.45 2008.12.24 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2008.12.24 -
Avast 4.8.1281.0 2008.12.23 -
[B]AVG 8.0.0.199 2008.12.23 Win32/Heur
BitDefender 7.2 2008.12.24 Trojan.Rincux.AW
CAT-QuickHeal 10.00 2008.12.24 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2008.12.24 -
Comodo 804 2008.12.23 -
DrWeb 4.44.0.09170 2008.12.24 -
[B]eSafe 7.0.17.0 2008.12.23 Suspicious File[/B]
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.23 -
F-Prot 4.4.4.56 2008.12.24 -
[B]F-Secure 8.0.14332.0 2008.12.24 Suspicious:W32/Malware!Gemini[/B]
Fortinet 3.117.0.0 2008.12.24 -
[B]GData 19 2008.12.24 Trojan.Rincux.AW[/B]
[B]Ikarus T3.1.1.45.0 2008.12.24 Backdoor.Bifrose[/B]
K7AntiVirus 7.10.563 2008.12.23 -
Kaspersky 7.0.0.125 2008.12.24 -
McAfee 5473 2008.12.23 -
[B]McAfee+Artemis 5473 2008.12.23 Generic!Artemis
Microsoft 1.4205 2008.12.24 Trojan:Win32/Agent[/B]
NOD32 3715 2008.12.24 -
Norman 5.80.02 2008.12.23 -
Panda 9.0.0.4 2008.12.23 -
PCTools 4.4.2.0 2008.12.23 -
Prevx1 V2 2008.12.24 -
[B]Rising 21.09.22.00 2008.12.24 Backdoor.Win32.DDOS.ev[/B]
[B]SecureWeb-Gateway 6.7.6 2008.12.24 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.37.0 2008.12.24 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.24 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.24 -
VBA32 3.12.8.10 2008.12.23 -
ViRobot 2008.12.24.1533 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.23 -
Additional information
File size: 21396 bytes
MD5...: bde49df3cbcf4d06f3a4c245bbae2f0e
SHA1..: 59102419014279f1c39ba91fc2f066aa9a5a7e98
SHA256: e0e3c3d8a1bfee5b907965b2b3616a730e57e79f5b4008ba522ed03afa43b195
SHA512: 282a98a79b5cf7b0f1b0ab6168d51c535115d0a0b4f3bdea9d2914157077f143
eb8d27ad5477f5643a43e2aa493dbca7887bc8e2f2465c6c218e9bb2ea737acd
ssdeep: 384:XSz2AJknpV5ILyJwhgP8wFYDcV9Vq6EHXnnnnXVmnXXnXXnXXn8MxR8YbcXn
nnnC:XUJkn7TJwhP8aV5nXsXXXXXXrVYnX3nC
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.8%)
DOS Executable Generic (49.7%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Targa bitmap (Original TGA Format) (0.1%)
MS Flight Simulator Aircraft Performance Info (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4032d6
timedatestamp.....: 0x373898 (Wed Feb 11 21:16:08 1970)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2502 0x2600 7.98 6799f3ee1ab99e18a67368b0d8d49822
.rdata 0x4000 0xdba 0xe00 7.97 a5db486c5ed67dba7d0af1d89855f069
.data 0x5000 0x3ce04 0x600 7.95 a01c8037745cacc4261ee87e144f8865
.sdffqw 0x42000 0x1594 0x1594 6.77 1cae004626695a37382f7a9f915895e7
( 1 imports )
> KERNEL32.dll: ExitProcess, Beep
( 0 exports )
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=bde49df3cbcf4d06f3a4c245bbae2f0e[/CODE]
-
File InstallAVv_880294.exe received on 2008.12.24 14:52:32 (CET)
Current status: finished
Result: 5/39 (12.83%)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.24 -
AhnLab-V3 2008.12.25.0 2008.12.24 -
[B]AntiVir 7.9.0.45 2008.12.24 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2008.12.24 -
Avast 4.8.1281.0 2008.12.24 -
AVG 8.0.0.199 2008.12.24 -
BitDefender 7.2 2008.12.24 -
CAT-QuickHeal 10.00 2008.12.24 -
ClamAV 0.94.1 2008.12.24 -
Comodo 809 2008.12.24 -
DrWeb 4.44.0.09170 2008.12.24 -
eSafe 7.0.17.0 2008.12.23 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.24 -
F-Prot 4.4.4.56 2008.12.24 -
[B]F-Secure 8.0.14332.0 2008.12.24 Trojan-Downloader.Win32.FraudLoad.vepo[/B]
Fortinet 3.117.0.0 2008.12.24 -
GData 19 2008.12.24 -
Ikarus T3.1.1.45.0 2008.12.24 -
K7AntiVirus 7.10.564 2008.12.24 -
[B]Kaspersky 7.0.0.125 2008.12.24 Trojan-Downloader.Win32.FraudLoad.vepo[/B]
McAfee 5473 2008.12.23 -
McAfee+Artemis 5473 2008.12.23 -
Microsoft 1.4205 2008.12.24 -
NOD32 3716 2008.12.24 -
Norman 5.80.02 2008.12.23 -
Panda 9.0.0.4 2008.12.24 -
PCTools 4.4.2.0 2008.12.24 -
[B]Prevx1 V2 2008.12.24 Fraudulent Security Program[/B]
Rising 21.09.22.00 2008.12.24 -
[B]SecureWeb-Gateway 6.7.6 2008.12.24 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.37.0 2008.12.24 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.24 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.24 -
VBA32 3.12.8.10 2008.12.23 -
ViRobot 2008.12.24.1534 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.24 -[/CODE]
Additional information
File size: 126976 bytes
MD5...: b486518c2aeda4c0dcdbaca4a061bd1e
SHA1..: 77f72f5feb2d1be02049197fb331fcf7e00da8e3
SHA256: 5a21d6f8f556f688e8829ff1c03c08a370aa15febe7174bd44b35ddc2a10021b
SHA512: 7f293e0150ff4e95a1fd872dd31bf8f57b74fdd0fa47632e0b8f6945bd373767
497b8d8ee32eb0b5c7219b92261f7525c46d6190aa57be78c3abe03b0defec77
ssdeep: 1536:rGMf78rLmBMWP4pNm6EaFOk4xuqFIxMIelYu8ksYANGgV9waPgO:rqLm1x3
kyKfNGs9waP
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
PEInfo: PE Structure information
[size="1"][color="#666686"][B][I]Added 10 hours 19 minutes later[/I][/B][/color][/size]
File 013 received on 2008.12.25 01:26:40 (CET)
Current status: finished
Result: 4/39 (10.26%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.24 -
AhnLab-V3 2008.12.25.0 2008.12.25 -
AntiVir 7.9.0.45 2008.12.24 -
Authentium 5.1.0.4 2008.12.24 -
Avast 4.8.1281.0 2008.12.24 -
AVG 8.0.0.199 2008.12.24 -
BitDefender 7.2 2008.12.25 -
CAT-QuickHeal 10.00 2008.12.24 -
ClamAV 0.94.1 2008.12.24 -
Comodo 809 2008.12.24 -
DrWeb 4.44.0.09170 2008.12.25 -
[B]eSafe 7.0.17.0 2008.12.24 Suspicious File[/B]
[B]eTrust-Vet 31.6.6276 2008.12.24 Win32/Kvol!generic[/B]
Ewido 4.0 2008.12.24 -
F-Prot 4.4.4.56 2008.12.24 -
F-Secure 8.0.14332.0 2008.12.24 -
Fortinet 3.117.0.0 2008.12.25 -
GData 19 2008.12.25 -
Ikarus T3.1.1.45.0 2008.12.24 -
K7AntiVirus 7.10.564 2008.12.24 -
Kaspersky 7.0.0.125 2008.12.25 -
McAfee 5474 2008.12.24 -
McAfee+Artemis 5474 2008.12.24 -
[B]Microsoft 1.4205 2008.12.25 Trojan:Win32/Boaxxe.J[/B]
NOD32 3716 2008.12.24 -
Norman 5.80.02 2008.12.24 -
Panda 9.0.0.4 2008.12.24 -
PCTools 4.4.2.0 2008.12.24 -
Prevx1 V2 2008.12.25 -
[B]Rising 21.09.22.00 2008.12.24 Trojan.Win32.Undef.vey[/B]
SecureWeb-Gateway 6.7.6 2008.12.24 -
Sophos 4.37.0 2008.12.24 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.25 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.24 -
VBA32 3.12.8.10 2008.12.24 -
ViRobot 2008.12.24.1534 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.24 -[/QUOTE]
Additional information
File size: 123392 bytes
MD5...: b66b6ee78cb727fb2e006ff70ae29c2c
SHA1..: 48c47d6b404b0dfd4b28d1d259b7ad213d2d19b7
SHA256: 919ca217f10841f9850f81ddcd66ab5825c6ccbdda9c4d08c383e647df5257cb
SHA512: 9db0b6ba0976cee4ac11153440a8f6bba46fdb0349473fd1bdfbc6f98ae1e6cf
622db784a50e09a4dc65a7030161f52207c4d1732c4814c92a3b107ad0cdac66
ssdeep: 3072:sXJbIA7dlf/CKmusfsJXflHji57VPJT45Oeakm2Wm8UgQ:sPlfifsZflDW7
VPJUYeC27g
PEiD..: -
File 123 received on 2008.12.25 01:28:31 (CET)
Current status: finished
Result: 3/39 (7.7%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.24 -
AhnLab-V3 2008.12.25.0 2008.12.25 -
[B]AntiVir 7.9.0.45 2008.12.24 HEUR/HTML.Malware[/B]
Authentium 5.1.0.4 2008.12.24 -
Avast 4.8.1281.0 2008.12.24 -
AVG 8.0.0.199 2008.12.24 -
BitDefender 7.2 2008.12.25 -
CAT-QuickHeal 10.00 2008.12.24 -
ClamAV 0.94.1 2008.12.24 -
Comodo 809 2008.12.24 -
DrWeb 4.44.0.09170 2008.12.25 -
eSafe 7.0.17.0 2008.12.24 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.24 -
F-Prot 4.4.4.56 2008.12.24 -
F-Secure 8.0.14332.0 2008.12.24 -
Fortinet 3.117.0.0 2008.12.25 -
GData 19 2008.12.25 -
Ikarus T3.1.1.45.0 2008.12.24 -
K7AntiVirus 7.10.564 2008.12.24 -
Kaspersky 7.0.0.125 2008.12.25 -
McAfee 5474 2008.12.24 -
McAfee+Artemis 5474 2008.12.24 -
Microsoft 1.4205 2008.12.25 -
NOD32 3716 2008.12.24 -
Norman 5.80.02 2008.12.24 -
Panda 9.0.0.4 2008.12.24 -
PCTools 4.4.2.0 2008.12.24 -
Prevx1 V2 2008.12.25 -
Rising 21.09.22.00 2008.12.24 -
[B]SecureWeb-Gateway 6.7.6 2008.12.24 Heuristic.HTML.Malware
Sophos 4.37.0 2008.12.24 Mal/ObfJS-M[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.25 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.24 -
VBA32 3.12.8.10 2008.12.24 -
ViRobot 2008.12.24.1534 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.24 -[/QUOTE]
Additional information
File size: 6337 bytes
MD5...: 811a08c39ec469f69d5fe5707ca75e06
SHA1..: c00815cf1d42cb23f0ab00083df697a46c83bd86
SHA256: 43663188b7bed172bbd04c39d4c16d8b1a7de354c08a97be840d47ef2d004d22
SHA512: 9afc18ae38b4719b769f72e391f7a5b8fbc182cbab3eb802b0ba68cb19b3ce27
146a7bd0f3d91541021d5f771b903ea2f4f1cf75d4444326ad2cbbf3d0833107
ssdeep: 192:53yPKA6lw/RPTmeX+RJcOR3aS0MCk4sSAq1:/lgIDcOR3aFrbSy
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
packers (F-Prot): packed
-
File ethtuhbi.sys received on 12.25.2008 10:55:13 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.25 -
AhnLab-V3 2008.12.25.0 2008.12.25 -
AntiVir 7.9.0.45 2008.12.24 -
[B]Authentium 5.1.0.4 2008.12.25 W32/SpamAgent.B.gen!Eldorado[/B]
Avast 4.8.1281.0 2008.12.24 -
AVG 8.0.0.199 2008.12.24 -
BitDefender 7.2 2008.12.25 -
CAT-QuickHeal 10.00 2008.12.24 -
ClamAV 0.94.1 2008.12.24 -
Comodo 811 2008.12.25 -
DrWeb 4.44.0.09170 2008.12.25 -
eSafe 7.0.17.0 2008.12.24 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.24 -
[B]F-Prot 4.4.4.56 2008.12.24 W32/SpamAgent.B.gen!Eldorado[/B]
F-Secure 8.0.14332.0 2008.12.25 -
Fortinet 3.117.0.0 2008.12.25 -
GData 19 2008.12.25 -
Ikarus T3.1.1.45.0 2008.12.25 -
K7AntiVirus 7.10.564 2008.12.24 -
Kaspersky 7.0.0.125 2008.12.25 -
McAfee 5474 2008.12.24 -
McAfee+Artemis 5474 2008.12.24 -
[B]Microsoft 1.4205 2008.12.25 Spammer:Win32/Rlsloup.B[/B]
NOD32 3716 2008.12.24 -
Norman 5.80.02 2008.12.24 -
Panda 9.0.0.4 2008.12.24 -
PCTools 4.4.2.0 2008.12.24 -
Prevx1 V2 2008.12.25 -
Rising 21.09.32.00 2008.12.25 -
[B]SecureWeb-Gateway 6.7.6 2008.12.24 Win32.LooksLike.NewMalware[/B]
Sophos 4.37.0 2008.12.25 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.25 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.25 -
VBA32 3.12.8.10 2008.12.24 -
ViRobot 2008.12.24.1534 2008.12.24 -
VirusBuster 4.5.11.0 2008.12.24 -[/CODE]
Additional information
File size: 135616 bytes
MD5...: 16b0de9de1433d3be401c72d128d02ab
-
From [url]http://virusinfo.info/showthread.php?t=36231[/url]
File avz00003.dta (c:\windows\system32\iasapi.dll) received on 2008.12.26 14:43:06 (CET)
Antivirus Version Last Update Result
[CODE]
[B]a-squared 4.0.0.73 2008.12.26 Virus.Win32.Dialer.1313!IK [/B]
AhnLab-V3 2008.12.25.0 2008.12.26 -
AntiVir 7.9.0.45 2008.12.25 -
[B]Authentium 5.1.0.4 2008.12.25 W32/Heuristic-KPP!Eldorado [/B]
Avast 4.8.1281.0 2008.12.26 -
AVG 8.0.0.199 2008.12.25 -
BitDefender 7.2 2008.12.26 -
CAT-QuickHeal 10.00 2008.12.26 -
ClamAV 0.94.1 2008.12.26 -
Comodo 819 2008.12.26 -
DrWeb 4.44.0.09170 2008.12.26 -
eSafe 7.0.17.0 2008.12.24 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.26 -
[B]F-Prot 4.4.4.56 2008.12.24 W32/Heuristic-KPP!Eldorado[/B]
F-Secure 8.0.14332.0 2008.12.26 -
Fortinet 3.117.0.0 2008.12.26 -
GData 19 2008.12.26 -
[B]Ikarus T3.1.1.45.0 2008.12.26 Virus.Win32.Dialer.1313 [/B]
K7AntiVirus 7.10.567 2008.12.26 -
Kaspersky 7.0.0.125 2008.12.26 -
McAfee 5474 2008.12.24 -
McAfee+Artemis 5474 2008.12.24 -
Microsoft 1.4205 2008.12.26 -
NOD32 3718 2008.12.26 -
Norman 5.80.02 2008.12.26 -
[B]Panda 9.0.0.4 2008.12.26 Suspicious file [/B]
PCTools 4.4.2.0 2008.12.26 -
Prevx1 V2 2008.12.26 -
[B]Rising 21.09.42.00 2008.12.26 Backdoor.Win32.Drwolf.sp [/B]
SecureWeb-Gateway 6.7.6 2008.12.25 -
Sophos 4.37.0 2008.12.26 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.26 -
TheHacker 6.3.1.4.199 2008.12.23 -
TrendMicro 8.700.0.1004 2008.12.26 -
VBA32 3.12.8.10 2008.12.25 -
ViRobot 2008.12.26.1536 2008.12.26 -
VirusBuster 4.5.11.0 2008.12.25 - [/CODE]
-
File spyprotector_install.exe received on 2008.12.27 20:19:25 (CET)
Current status: finished
Result: 8/39 (20.52%)
[code]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.27 Trojan.Win32.FakePowav!IK[/B]
AhnLab-V3 2008.12.25.0 2008.12.27 -
AntiVir 7.9.0.45 2008.12.27 -
Authentium 5.1.0.4 2008.12.27 -
Avast 4.8.1281.0 2008.12.27 -
AVG 8.0.0.199 2008.12.26 -
BitDefender 7.2 2008.12.27 -
CAT-QuickHeal 10.00 2008.12.27 -
ClamAV 0.94.1 2008.12.27 -
Comodo 826 2008.12.27 -
DrWeb 4.44.0.09170 2008.12.27 -
eSafe 7.0.17.0 2008.12.24 -
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.27 -
F-Prot 4.4.4.56 2008.12.26 -
F-Secure 8.0.14332.0 2008.12.27 -
Fortinet 3.117.0.0 2008.12.27 -
GData 19 2008.12.27 -
[B]Ikarus T3.1.1.45.0 2008.12.27 Trojan.Win32.FakePowav[/B]
K7AntiVirus 7.10.568 2008.12.27 -
[B]Kaspersky 7.0.0.125 2008.12.27 Trojan-Downloader.Win32.FraudLoad.veuz[/B]
McAfee 5476 2008.12.27 -
[B]McAfee+Artemis 5476 2008.12.27 Generic!Artemis
Microsoft 1.4205 2008.12.27 Trojan:Win32/FakePowav[/B]
NOD32 3719 2008.12.27 -
Norman 5.80.02 2008.12.26 -
[B]Panda 9.0.0.4 2008.12.27 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.27 -
Prevx1 V2 2008.12.27 -
Rising 21.09.52.00 2008.12.27 -
SecureWeb-Gateway 6.7.6 2008.12.27 -
Sophos 4.37.0 2008.12.27 -
[B]Sunbelt 3.2.1809.2 2008.12.22 SpyProtector[/B]
Symantec 10 2008.12.27 -
TheHacker 6.3.1.4.200 2008.12.26 -
TrendMicro 8.700.0.1004 2008.12.26 -
[B]VBA32 3.12.8.10 2008.12.27 suspected of Win32.Trojan.Downloader (http://...)[/B]
ViRobot 2008.12.26.1536 2008.12.26 -
VirusBuster 4.5.11.0 2008.12.27 -[/code]
Additional information
File size: 40960 bytes
MD5...: 40679e7b2a24ce3d77c03cab6825afd3
SHA1..: 6d69883bbe07c5299d4bb451fde1b15e2043e089
SHA256: 0cbaa8bd54a9e128b0d9ca8abc97625c6bfbfd6bbe0012597689786e7083900e
SHA512: 48d855acff787c54e3dedd8a5039d71358e925fac61dbbc701b62c66c997c1bc
c7681e86baa50745ded62fe83ddbaacd15b6811f2814b2b76da7ac548894887b
ssdeep: 384:Xd9gNeB1Gn3yRdYlr9EWvwsbsGmlBDAQ0F21xulpdGagoeraMDUdlCy:s4B1
G3Yd2r9F490F21xOpUZollC
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
-
userinit.exe, this one turned up in "Help!"
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.30 -
AhnLab-V3 2008.12.30.2 2008.12.30 -
[B]AntiVir 7.9.0.45 2008.12.30 TR/Crypt.FKM.Gen [/B]
Authentium 5.1.0.4 2008.12.29 -
Avast 4.8.1281.0 2008.12.29 -
AVG 8.0.0.199 2008.12.29 -
[B]BitDefender 7.2 2008.12.30 DeepScan:Generic.Malware.FPB.E71D9A1E
CAT-QuickHeal 10.00 2008.12.30 (Suspicious) - DNAScan [/B]
ClamAV 0.94.1 2008.12.30 -
Comodo 837 2008.12.29 -
DrWeb 4.44.0.09170 2008.12.30 -
[B]eSafe 7.0.17.0 2008.12.28 Suspicious File [/B]
eTrust-Vet 31.6.6281 2008.12.29 -
Ewido 4.0 2008.12.30 -
F-Prot 4.4.4.56 2008.12.29 -
F-Secure 8.0.14470.0 2008.12.30 -
Fortinet 3.117.0.0 2008.12.30 -
[B]GData 19 2008.12.30 DeepScan:Generic.Malware.FPB.E71D9A1E [/B]
Ikarus T3.1.1.45.0 2008.12.30 -
K7AntiVirus 7.10.569 2008.12.29 -
Kaspersky 7.0.0.125 2008.12.30 -
McAfee 5478 2008.12.29 -
McAfee+Artemis 5478 2008.12.29 -
Microsoft 1.4205 2008.12.30 -
NOD32 3722 2008.12.29 -
Norman 5.80.02 2008.12.29 -
Panda 9.0.0.4 2008.12.29 -
[B]PCTools 4.4.2.0 2008.12.29 Packed/Execryptor [/B]
Prevx1 V2 2008.12.30 -
Rising 21.10.12.00 2008.12.30 -
[B]SecureWeb-Gateway 6.7.6 2008.12.30 Trojan.Crypt.FKM.Gen [/B]
Sophos 4.37.0 2008.12.30 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.30 -
TheHacker 6.3.1.4.202 2008.12.30 -
TrendMicro 8.700.0.1004 2008.12.30 -
[B]VBA32 3.12.8.10 2008.12.30 BScope.Trojan-PSW.OnlineGames [/B]
ViRobot 2008.12.30.1540 2008.12.30 -
VirusBuster 4.5.11.0 2008.12.29 Packed [/CODE]
-
File msqpdxymrdbbml.sys received on 12.31.2008 10:50:27 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.31 -
AhnLab-V3 2008.12.31.0 2008.12.31 -
AntiVir 7.9.0.45 2008.12.31 -
Authentium 5.1.0.4 2008.12.30 -
Avast 4.8.1281.0 2008.12.30 -
AVG 8.0.0.199 2008.12.30 -
BitDefender 7.2 2008.12.31 -
CAT-QuickHeal 10.00 2008.12.31 -
ClamAV 0.94.1 2008.12.31 -
Comodo 851 2008.12.31 -
DrWeb 4.44.0.09170 2008.12.31 -
[B]eSafe 7.0.17.0 2008.12.30 Suspicious File[/B]
eTrust-Vet 31.6.6284 2008.12.31 -
Ewido 4.0 2008.12.30 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2008.12.31 -
Fortinet 3.117.0.0 2008.12.31 -
GData 19 2008.12.31 -
Ikarus T3.1.1.45.0 2008.12.31 -
K7AntiVirus 7.10.571 2008.12.30 -
[B]Kaspersky 7.0.0.125 2008.12.31 Trojan.Win32.Pakes.mmb[/B]
McAfee 5479 2008.12.30 -
McAfee+Artemis 5479 2008.12.30 -
[B]Microsoft 1.4205 2008.12.31 Trojan:WinNT/Alureon.C[/B]
NOD32 3725 2008.12.31 -
Norman 5.80.02 2008.12.30 -
Panda 9.0.0.4 2008.12.30 -
PCTools 4.4.2.0 2008.12.30 -
Prevx1 V2 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.LooksLike.Agent[/B]
Sophos 4.37.0 2008.12.31 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.202 2008.12.30 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2008.12.30 -
ViRobot 2008.12.30.1540 2008.12.31 -
VirusBuster 4.5.11.0 2008.12.30 -[/CODE]
Additional information
File size: 71680 bytes
MD5...: 22bab406e1d25cb3dd45480e96cd3dd7
[size="1"][color="#666686"][B][I]Added after 2 minutes[/I][/B][/color][/size]
File twex.exe received on 12.31.2008 10:58:38 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.31 -
AhnLab-V3 2008.12.31.0 2008.12.31 -
AntiVir 7.9.0.45 2008.12.31 -
Authentium 5.1.0.4 2008.12.30 -
Avast 4.8.1281.0 2008.12.30 -
[B]AVG 8.0.0.199 2008.12.30 Win32/Cryptor[/B]
BitDefender 7.2 2008.12.31 -
CAT-QuickHeal 10.00 2008.12.31 -
ClamAV 0.94.1 2008.12.31 -
Comodo 851 2008.12.31 -
DrWeb 4.44.0.09170 2008.12.31 -
eTrust-Vet 31.6.6284 2008.12.31 -
Ewido 4.0 2008.12.30 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2008.12.31 -
Fortinet 3.117.0.0 2008.12.31 -
GData 19 2008.12.31 -
Ikarus T3.1.1.45.0 2008.12.31 -
K7AntiVirus 7.10.571 2008.12.30 -
[B]Kaspersky 7.0.0.125 2008.12.31 Trojan-Spy.Win32.Zbot.jbq[/B]
McAfee 5479 2008.12.30 -
McAfee+Artemis 5479 2008.12.30 -
[B]Microsoft 1.4205 2008.12.31 Trojan:Win32/Zbot.BX[/B]
NOD32 3725 2008.12.31 -
[B]Norman 5.80.02 2008.12.30 W32/Malware.EXHS[/B]
Panda 9.0.0.4 2008.12.30 -
PCTools 4.4.2.0 2008.12.30 -
Prevx1 V2 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
SecureWeb-Gateway 6.7.6 2008.12.31 -
Sophos 4.37.0 2008.12.31 -
[B]Sunbelt 3.2.1809.2 2008.12.22 RiskTool.Win32.ProcessPatcher.Nor!cobra (v)[/B]
[B]Symantec 10 2008.12.31 Infostealer.Banker.C[/B]
TheHacker 6.3.1.4.202 2008.12.30 -
TrendMicro 8.700.0.1004 2008.12.31 -
[B]VBA32 3.12.8.10 2008.12.30 Trojan-Spy.Win32.Zbot.iva[/B]
ViRobot 2008.12.30.1540 2008.12.31 -
VirusBuster 4.5.11.0 2008.12.30 -[/CODE]
Additional information
File size: 313344 bytes
MD5...: 0f01dcbbbf388a636a6126aa27a7eefd
-
File keymaker.exe received on 2008.12.31 12:14:14 (CET)
Current status: finished
Result: 19/38 (50%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.31 Trojan.Crypt!IK[/B]
AhnLab-V3 2008.12.31.0 2008.12.31 -
[B]AntiVir 7.9.0.45 2008.12.31 TR/PCK.Black.A.1550[/B]
Authentium 5.1.0.4 2008.12.30 -
[B]Avast 4.8.1281.0 2008.12.30 Win32:Trojan-gen {Other}
AVG 8.0.0.199 2008.12.31 Win32/Themida
BitDefender 7.2 2008.12.31 Trojan.Packed.45180[/B]
CAT-QuickHeal 10.00 2008.12.31 -
ClamAV 0.94.1 2008.12.31 -
[B]Comodo 851 2008.12.31 TrojWare.Win32.Trojan.Black.~DW
DrWeb 4.44.0.09170 2008.12.31 Trojan.Packed.650[/B]
eTrust-Vet 31.6.6284 2008.12.31 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
[B]F-Secure 8.0.14470.0 2008.12.31 Packed.Win32.Black.a[/B]
[B]Fortinet 3.117.0.0 2008.12.31 W32/Black.A
GData 19 2008.12.31 Trojan.Packed.45180
Ikarus T3.1.1.45.0 2008.12.31 Trojan.Crypt[/B]
K7AntiVirus 7.10.571 2008.12.30 -
[B]Kaspersky 7.0.0.125 2008.12.31 Packed.Win32.Black.a
McAfee 5479 2008.12.30 New Malware.jn
McAfee+Artemis 5479 2008.12.30 New Malware.jn[/B]
Microsoft 1.4205 2008.12.31 -
NOD32 3725 2008.12.31 -
Norman 5.80.02 2008.12.30 -
[B]Panda 9.0.0.4 2008.12.31 Trj/Downloader.MDW[/B]
PCTools 4.4.2.0 2008.12.30 -
Prevx1 V2 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.PCK.Black.A.1550
Sophos 4.37.0 2008.12.31 Mal/Generic-A[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
[B]TheHacker 6.3.1.4.202 2008.12.30 W32/Behav-Heuristic-064[/B]
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2008.12.30 -
[B]ViRobot 2008.12.30.1540 2008.12.31 Spyware.Black.Packed.3548672[/B]
VirusBuster 4.5.11.0 2008.12.30 -[/QUOTE]
Additional information
File size: 3548672 bytes
MD5...: 3af1caa3206f513a77da611090f40aaf
SHA1..: 118e9d68783914b1c43514b1e9ea1f4b47c3a2de
SHA256: 910aefe6873d1927c88a5ab5a325112c69365031793d063aa11c2482081bd801
SHA512: e7ce86335b5d601273b21af12102531846463be3fe69e996ca3d5f14254db4f6
d65edddb4a98b89af63cac122b1eb20d87be7f83b3f5eef9777d3d9f98d1a1de
ssdeep: 98304:7IHZSbtE2IikOAY9Q5BzxYWZlV+tG5JhiyTcrBb5p:UHZSy2Ii/9ABNV+t
Gp89b5p
PEiD..: -
-
File Patch_AML_v472_b30400.exe received on 2009.01.02 04:09:50 (CET)
Current status: finished
Result: 14/38 (36.85%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.31 -
AhnLab-V3 2008.12.31.0 2009.01.01 -
AntiVir 7.9.0.45 2009.01.01 -
[B]Authentium 5.1.0.4 2009.01.01 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.01 Win32:Adware-gen[/B]
AVG 8.0.0.199 2008.12.31 -
BitDefender 7.2 2009.01.02 -
[B]CAT-QuickHeal 10.00 2009.01.02 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.01.02 -
Comodo 851 2008.12.31 -
DrWeb 4.44.0.09170 2009.01.02 -
eTrust-Vet 31.6.6287 2009.01.01 -
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2008.12.30 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.02 AdWare.Win32.Zhongsou.l
Fortinet 3.117.0.0 2009.01.02 Adware/Zhongsou
GData 19 2008.12.31 Win32:Adware-gen [/B]
Ikarus T3.1.1.45.0 2009.01.02 -
K7AntiVirus 7.10.572 2008.12.31 -
[B]Kaspersky 7.0.0.125 2009.01.02 not-a-virus:AdWare.Win32.Zhongsou.l[/B]
McAfee 5481 2009.01.02 -
[B]McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic!Artemis[/B]
Microsoft 1.4205 2009.01.01 -
NOD32 3725 2008.12.31 -
[B]Norman 5.80.02 2009.01.01 W32/Zhongsou.DF[/B]
Panda 9.0.0.4 2009.01.01 -
PCTools 4.4.2.0 2008.12.31 -
Prevx1 V2 2009.01.02 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Win32.Malware.gen (suspicious)[/B]
Sophos 4.37.0 2009.01.02 -
[B]Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious[/B]
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
[B]VBA32 3.12.8.10 2009.01.01 AdWare.Win32.Zhongsou.l
ViRobot 2008.12.30.1540 2008.12.31 Adware.Zhongsou.411648[/B]
VirusBuster 4.5.11.0 2009.01.01 -[/QUOTE]
Additional information
File size: 411648 bytes
MD5...: f0cfc6ddbcf829cbeae1e1978e0d7d50
SHA1..: 8f1f1727c1481ac551409972bd7bb2c236fd77ff
SHA256: fecb0a5defe81c65665af042ce058786e49aaa3ee3de7388fa24196947ed1808
SHA512: 61c15d34efa6c62979978af2518c1596a258ae0d683bc1e4fb0822d8e1f92265
69f439427be517587854d51808f0389006cdb23eeb192c1e0f8064884f4e9246
ssdeep: 12288:TZwCT33yW+yimmz2gXFo6nmNtTirdMwEoQK:twCDyW+W42WeTEdMw3d
PEiD..: ASProtect v1.23 RC1
-
bobmid.exe, caught on December 30 of last year.
[quote]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 MemScanTrojan.Downloader.JKFL!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.02 -
[B]AntiVir 7.9.0.45 2009.01.02 HEUR/Crypted[/B]
[B]Authentium 5.1.0.4 2009.01.02 W32/Heuristic-THX!Eldorado[/B]
[B]Avast 4.8.1281.0 2009.01.03 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.199 2009.01.02 -
BitDefender 7.2 2009.01.03 -
[B]CAT-QuickHeal 10.00 2009.01.03 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.01.03 -
Comodo 866 2009.01.02 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.02 W32/Heuristic-THX!Eldorado[/B]
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2009.01.03 Win32:Trojan-gen {Other}[/B]
[B]Ikarus T3.1.1.45.0 2009.01.03 MemScanTrojan.Downloader.JKFL[/B]
K7AntiVirus 7.10.572 2009.01.02 -
Kaspersky 7.0.0.125 2009.01.03 -
McAfee 5482 2009.01.02 -
McAfee+Artemis 5482 2009.01.02 -
Microsoft 1.4205 2009.01.03 -
NOD32 3733 2009.01.02 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.02 -
PCTools 4.4.2.0 2009.01.02 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Heuristic.Crypted[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/UnkPacker[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.02 -[/quote]
P.S. And what should one do with files that are 99.99% malware and yet are detected by no one? Upload them to VirusTotal every hour to see who adds them to their databases first? :)
-
File autorun21 received on 2009.01.03 14:25:56 (CET)
Current status: finished
Result: 19/36 (52.78%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 Worm.Win32.AutoRun!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Autorun.LD
Authentium 5.1.0.4 2009.01.03 IS/Autorun
Avast 4.8.1281.0 2009.01.03 Win32:AutoRun-HL[/B]
AVG 8.0.0.199 2009.01.02 -
[B]BitDefender 7.2 2009.01.03 Trojan.Autorun.LD[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
[B]Comodo 869 2009.01.03 Win32.AutoRun.NS
DrWeb 4.44.0.09170 2009.01.03 Win32.HLLW.Autoruner.937
eTrust-Vet 31.6.6289 2009.01.02 INF/SillyAutorun.AE[/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 IS/Autorun[/B]
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2009.01.03 Trojan.Autorun.LD
Ikarus T3.1.1.45.0 2009.01.03 Worm.Win32.AutoRun[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.03 Worm.Win32.AutoRun.acm[/B]
McAfee 5482 2009.01.02 -
McAfee+Artemis 5482 2009.01.02 -
Microsoft 1.4205 2009.01.03 -
[B]NOD32 3733 2009.01.02 Win32/AutoRun.NS
Norman 5.80.02 2009.01.02 BAT/AutoRun.AE[/B]
Panda 9.0.0.4 2009.01.03 -
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Autorun.LD
Sophos 4.37.0 2009.01.03 W32/AutoRun-AC[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
[B]TheHacker 6.3.1.4.204 2009.01.02 Trojan/Small.autorun
TrendMicro 8.700.0.1004 2009.01.02 Mal_Otorun1[/B]
ViRobot 2009.1.3.1541 2009.01.03 -
[B]VirusBuster 4.5.11.0 2009.01.02 INF.Autorun.Gen[/B][/QUOTE]
Additional information
File size: 315 bytes
MD5...: 57a9674adaea24a4a7d9d33b77438141
SHA1..: d9730e3b9c8322cfd3d758c455a169c4d8ce8324
SHA256: 43e8a337f8aa86644f21d8c9f80ca5ff9a2240756037f86a397b43255167f0eb
SHA512: b3a5c92f240231da4796b30b4e9399487d19ef5cb64d28ac486a6098e55c0d91
980369f31665b59f5c9ed58404372dae655e25b49853f600f36828e08192d8b4
ssdeep: 6:e1KhiDqsrV6q0TMWcWuFH6voq6swZ1wZewWcWuFHHeCyry:ZwNyMRIw3wQwRne
-
File TXPlatform.exe received on 2009.01.03 17:29:29 (CET)
Current status: finished
Result: 12/38 (31.58%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.03 -
[B]AhnLab-V3 2008.12.31.0 2009.01.03 Win32/MalPackedB.suspicious
AntiVir 7.9.0.45 2009.01.02 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Adware-gen
AVG 8.0.0.199 2009.01.02 Win32/Heur[/B]
[B]BitDefender 7.2 2009.01.03 Backdoor.Hupigon.AYGZ[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.03 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
F-Secure 8.0.14470.0 2009.01.03 -
[B]Fortinet 3.117.0.0 2009.01.03 suspicious
GData 19 2009.01.03 Backdoor.Hupigon.AYGZ[/B]
Ikarus T3.1.1.45.0 2009.01.03 -
K7AntiVirus 7.10.575 2009.01.03 -
Kaspersky 7.0.0.125 2009.01.03 -
McAfee 5483 2009.01.03 -
[B]McAfee+Artemis 5483 2009.01.03 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.03 -
[B]NOD32 3733 2009.01.02 a variant of Win32/Adware.Antivirus2008[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.03 Cloaked Malware[/B]
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.37.0 2009.01.03 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -
Additional information[/QUOTE]
[size="1"][color="#666686"][B][I]Added after 6 minutes[/I][/B][/color][/size]
File LBXQFASTABPDN.EXE received on 2009.01.03 17:38:55 (CET)
Current status: finished
Result: 15/38 (39.48%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.31 Virus.Win32.Agent.OQV!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Crypt.CFI.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Agent-OQV
AVG 8.0.0.199 2008.12.31 Generic3.AFDC[/B]
[B]BitDefender 7.2 2009.01.03 Dropped:Adware.AdMoke.FA[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 851 2008.12.31 -
[B]DrWeb 4.44.0.09170 2009.01.03 BackDoor.Scrum.origin[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2008.12.31 Dropped:Adware.AdMoke.FA
Ikarus T3.1.1.45.0 2009.01.03 Virus.Win32.Agent.OQV[/B]
K7AntiVirus 7.10.572 2008.12.31 -
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 potentially unwanted program Generic PUP
McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic PUP
Microsoft 1.4205 2009.01.03 Trojan:Win32/Daekom.A
NOD32 3725 2008.12.31 a variant of Win32/Adware.MoKeAD[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.Crypt.CFI.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/Behav-269[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2008.12.30.1540 2008.12.31 -[/QUOTE]
[size="1"][color="#666686"][B][I]Added after 2 hours 28 minutes[/I][/B][/color][/size]
Meet its brother.
[QUOTE]File LBXQFASTABPDN.EXE received on 2009.01.03 17:38:55 (CET)
Current status: finished
Result: 15/38 (39.47%)
Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2008.12.31 Virus.Win32.Agent.OQV!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Crypt.CFI.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Agent-OQV
AVG 8.0.0.199 2008.12.31 Generic3.AFDC
BitDefender 7.2 2009.01.03 Dropped:Adware.AdMoke.FA[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 851 2008.12.31 -
[B]DrWeb 4.44.0.09170 2009.01.03 BackDoor.Scrum.origin[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2008.12.31 Dropped:Adware.AdMoke.FA
Ikarus T3.1.1.45.0 2009.01.03 Virus.Win32.Agent.OQV[/B]
K7AntiVirus 7.10.572 2008.12.31 -
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 potentially unwanted program Generic PUP
McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic PUP
Microsoft 1.4205 2009.01.03 Trojan:Win32/Daekom.A
NOD32 3725 2008.12.31 a variant of Win32/Adware.MoKeAD[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.31 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.Crypt.CFI.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/Behav-269[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2008.12.30.1540 2008.12.31 -
VirusBuster 4.5.11.0 2009.01.03 -
Additional information
File size: 224768 bytes
MD5...: 6962277ab908a29957b857193c2d33ac
SHA1..: 7355b40200a37a19a076775011448860b296d127
SHA256: 8c5c067b7ccf3017b48c734149a219be8e6f57778c1cb924a0c9c0af10c7d64b
SHA512: 7fa5df9964dd5828e07e71c71d5ac653a360a70801ee3d2bcac58a071ba78c8d
9a48d656bdcfb940c277a51b7a73f85164e99bac59475bbdadba9374f01bb4ca
ssdeep: 6144:rfUbzKBz0Cu8HmX1aFomxl9BK/LKzF3dLJ/y:onWzI8Hm6rlu/WH
PEiD..: ASPack v2.12
TrID..: File type identification
ASPack compressed Win32 Executable (generic) (85.7%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
Win16/32 Executable Delphi generic (1.3%)
Generic Win/DOS Executable (1.2%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x490001
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x74000 0x2e800 8.00 6c615ff75193c608e3d1e698b0ff239c
DATA 0x75000 0x2000 0xe00 7.57 00711bbcacf81a1dd5473eeb4073e85c
BSS 0x77000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x78000 0x3000 0xe00 7.60 34d429ae6c449747ad3b19444bdd4317
.tls 0x7b000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x7c000 0x1000 0x200 0.20 6d63c0c5b8cb4cd53655fdff98132b6f
.reloc 0x7d000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x86000 0xa000 0x2800 6.86 53a6281c8ef57e16f325c1e176a7a1a4
.aspack 0x90000 0x4000 0x3c00 6.31 3b766a0075942997af4973dbeb3b446c
.adata 0x94000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
( 13 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> advapi32.dll: RegSetValueExA
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> user32.dll: CreateWindowExA
> ole32.dll: CLSIDFromString
> oleaut32.dll: SafeArrayPtrOfIndex
> ole32.dll: CoUninitialize
> oleaut32.dll: GetErrorInfo
> comctl32.dll: ImageList_SetIconSize
( 0 exports )
packers (Kaspersky): ASPack
packers (F-Prot): Aspack
packers (Avast): ASPack
[/QUOTE]
[size="1"][color="#666686"][B][I]Added after 51 minutes[/I][/B][/color][/size]
Note that Kaspersky knows this packer... I'm shocked
[QUOTE]File zyndle081223.exe received on 2009.01.03 20:52:41 (CET)
Current status: finished
Result: 31/38 (81.58%)
Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 Backdoor.Rbot!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Dropper.Gen
Authentium 5.1.0.4 2009.01.03 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.03 Win32:AutoRun-APU
AVG 8.0.0.199 2009.01.03 Worm/Generic.ROC
BitDefender 7.2 2009.01.03 Generic.Malware.Sdldspg.F2F94788
CAT-QuickHeal 10.00 2009.01.03 Win32.Trojan.Agent.NAL.3[/B]
ClamAV 0.94.1 2009.01.03 -
Comodo 869 2009.01.03 -
[B]DrWeb 4.44.0.09170 2009.01.03 Win32.HLLW.Autoruner.origin
eTrust-Vet 31.6.6289 2009.01.02 Win32/Hotpop!generic[/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.03 W32/Packed_Upack.A
Fortinet 3.117.0.0 2009.01.03 PossibleThreat
GData 19 2009.01.03 Generic.Malware.Sdldspg.F2F94788
Ikarus T3.1.1.45.0 2009.01.03 Backdoor.Rbot
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 New Malware.aj
McAfee+Artemis 5483 2009.01.03 New Malware.n
Microsoft 1.4205 2009.01.03 TrojanSpy:Win32/Hitpop.gen!C
NOD32 3733 2009.01.02 probably a variant of Win32/AutoRun.YE
Norman 5.80.02 2009.01.02 W32/Packed_Upack.A
Panda 9.0.0.4 2009.01.03 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.01.03 Packed/Upack[/B]
Prevx1 V2 2009.01.03 -
[B]Rising 21.10.22.00 2008.12.31 Trojan.DL.Win32.MyDown.beh
SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Dropper.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Mal/Autorun-C
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.03 W32.SillyDC
TheHacker 6.3.1.4.204 2009.01.02 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2009.01.02 Possible_OtorunA
VBA32 3.12.8.10 2009.01.03 suspected of Backdoor.XiaoBird.5 (paranoid heuristics)[/B]
ViRobot 2009.1.3.1541 2009.01.03 -
[B]VirusBuster 4.5.11.0 2009.01.03 Packed/Upack[/B]
Additional information
File size: 36260 bytes
MD5...: e32320ae765ce6a42479169b18b082c7
SHA1..: 4a65f043d2983c21bc38aee1494f2f0b2377b249
SHA256: 4540d79c12c59d800a90e3b49dde7e6b3920d66cc7060f156cd0fb3a9c90321e
SHA512: 1585e6b66270f0ca1e0d9cb9b9d6618a10c0d75874cb8867781a466c4f8b5451
8815f5afe212fddb8411c8c4d0358769b9f9e2d0f8b0a1521d8642292eba430b
ssdeep: 768:RS5rFXi7ZqJHFYAeHA4k0aKPGr7lTSRcdjAegvHqGzQrNImRayvra1GY:RO3
HFntldkqyQrimRY1P
PEiD..: -
TrID..: File type identification
DOS Executable Generic (100.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x701018
timedatestamp.....: 0x7011b0be (Tue Jul 31 15:52:30 2029)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x1d000 0x1f0 5.34 8fc3a0d705355501676128dd02c17c03
p_jr 0x1e000 0xc000 0x8ba4 7.99 a8523ee649d6c462e6d4f461e7124818
qp 0x2a000 0x1000 0x1f0 5.34 8fc3a0d705355501676128dd02c17c03
( 0 imports )
( 0 exports )
packers (Kaspersky): PE_Patch, UPack
packers (Avast): Upack
packers (Authentium): UPack
packers (F-Prot): UPack[/QUOTE]
[size="1"][color="#666686"][B][I]Added after 11 minutes[/I][/B][/color][/size]
Groft, sorry, the criticism wasn't from you :-)
-
File 123 received on 2009.01.04 02:53:26 (CET)
Current status: finished
Result: 4/38 (10.53%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 Trojan-SMS!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
AntiVir 7.9.0.45 2009.01.03 -
Authentium 5.1.0.4 2009.01.03 -
Avast 4.8.1281.0 2009.01.03 -
AVG 8.0.0.199 2009.01.03 -
BitDefender 7.2 2009.01.04 -
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
[B]F-Secure 8.0.14470.0 2009.01.04 Trojan-SMS.J2ME.Konov.f[/B]
Fortinet 3.117.0.0 2009.01.03 -
GData 19 2009.01.04 -
[B]Ikarus T3.1.1.45.0 2009.01.03 Trojan-SMS[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.04 Trojan-SMS.J2ME.Konov.f[/B]
McAfee 5483 2009.01.03 -
McAfee+Artemis 5483 2009.01.03 -
Microsoft 1.4205 2009.01.03 -
NOD32 3734 2009.01.03 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.03 -
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.04 -
Rising 21.10.22.00 2008.12.31 -
SecureWeb-Gateway 6.7.6 2009.01.03 -
Sophos 4.37.0 2009.01.04 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.04 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -[/QUOTE]
Additional information
File size: 2724 bytes
MD5...: fc1e1f0611b0f5b240696fd6aa8e805c
SHA1..: f57c1be1b01ed68b7c61865c81cefd7ab95c7182
SHA256: d5e338df336e02149a1ba376ebc1e2091e4a05c9c9f470a2e1152582ee092dd1
SHA512: 1984fa19f4bb5a709338c86c948c9447bf15621b408105bdbfbe54951ebd6609
1732b611afff2b7daa7cce1dcda9ad4ab0927e91bc793f5f78bc60812734e75d
ssdeep: 48:BiLvqFZ84Sx8scqQOT/gIzANMJvyfHS+b9NpBcpf/9e3oUMH:BiWR/xOc8ANk
Qy+bFBcpfFqJMH
PEiD..: -
-
No sleeping! Keep mowing!
[QUOTE]File zU.exe received on 2009.01.04 09:05:49 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 Trojan-Clicker.Win32.Klik!IK
AhnLab-V3 2008.12.31.0 2009.01.03 Win-Trojan/Fakeav.9728
AntiVir 7.9.0.45 2009.01.03 TR/Fakealert.ane.44 [/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Lighty-D
AVG 8.0.0.199 2009.01.03 Dropper.Bravix.L
BitDefender 7.2 2009.01.04 Trojan.FakeAlert.ANE
CAT-QuickHeal 10.00 2009.01.03 TrojanDropper.Rooter.b [/B]
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
[B]eTrust-Vet 31.6.6289 2009.01.02 Win32/FakeAlert!generic [/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/FakeAlert.AB.gen!Eldorado
F-Secure 8.0.14470.0 2009.01.04 W32/Fakealert
Fortinet 3.117.0.0 2009.01.04 W32/FakeAlert.D!tr
GData 19 2009.01.04 Trojan.FakeAlert.ANE
Ikarus T3.1.1.45.0 2009.01.03 Trojan-Clicker.Win32.Klik
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1 [/B]
Kaspersky 7.0.0.125 2009.01.04 -
[B]McAfee 5483 2009.01.03 Generic Dropper.bu
McAfee+Artemis 5483 2009.01.03 Generic Dropper.bu
Microsoft 1.4205 2009.01.04 TrojanDropper:Win32/Rooter.B
NOD32 3734 2009.01.03 a variant of Win32/Kryptik.BN
Norman 5.80.02 2009.01.02 W32/Renos.BZB
Panda 9.0.0.4 2009.01.03 Generic Trojan [/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.04 Malicious Software [/B]
Rising 21.10.61.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Fakealert.ane.44
Sophos 4.37.0 2009.01.04 Mal/EncPk-EQ
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.04 Trojan.Virantix.C [/B]
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
[B]ViRobot 2009.1.3.1541 2009.01.03 Backdoor.Win32.IRCBot.39936.L
VirusBuster 4.5.11.0 2009.01.03 Trojan.FakeAlert.Gen!Pac.3 [/B][/CODE]
[/QUOTE]
[size="1"][color="#666686"][B][I]Added 4 minutes later[/I][/B][/color][/size]
Let's continue.
[QUOTE]File runsql.exe received on 2009.01.04 09:13:48 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.03 Trojan-Clicker.Win32.Klik!IK
AhnLab-V3 2008.12.31.0 2009.01.03 Win-Trojan/Fakeav.9728
AntiVir 7.9.0.45 2009.01.03 TR/Dropper.Gen [/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Lighty-D
AVG 8.0.0.199 2009.01.03 Dropper.Bravix.L
BitDefender 7.2 2009.01.04 Trojan.FakeAlert.ANE
CAT-QuickHeal 10.00 2009.01.03 Backdoor.UltimateDefender.gqg [/B]
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
[B]eTrust-Vet 31.6.6289 2009.01.02 Win32/FakeAlert!generic [/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/FakeAlert.AB.gen!Eldorado [/B]
Fortinet 3.117.0.0 2009.01.04 -
[B]GData 19 2009.01.04 Trojan.FakeAlert.ANE
Ikarus T3.1.1.45.0 2009.01.03 Trojan-Clicker.Win32.Klik
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1 [/B]
Kaspersky 7.0.0.125 2009.01.04 -
[B]McAfee 5483 2009.01.03 Generic Dropper.bu
McAfee+Artemis 5483 2009.01.03 Generic Dropper.bu
Microsoft 1.4205 2009.01.04 TrojanDownloader:Win32/Renos.FJ
NOD32 3734 2009.01.03 a variant of Win32/Kryptik.BN
Norman 5.80.02 2009.01.02 W32/Renos.CAG
Panda 9.0.0.4 2009.01.03 Generic Trojan [/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.04 Malicious Software [/B]
Rising 21.10.61.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Dropper.Gen
Sophos 4.37.0 2009.01.04 Mal/EncPk-EQ
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.04 Trojan.Virantix.C [/B]
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
[B]ViRobot 2009.1.3.1541 2009.01.03 Backdoor.Win32.IRCBot.39936.L
VirusBuster 4.5.11.0 2009.01.03 Trojan.FakeAlert.Gen!Pac.3[/B] [/CODE]
Additional information
File size: 278528 bytes
MD5...: 4f86af63d2df938148acf090f5ce73bd
SHA1..: 1fb27502eb373940e5bdad052b083325dfc87523
SHA256: 7604ae55c98e40cec74d9efd75dd4a4b39f5eee556e9042c28cf3776b1ba5e10
SHA512: 1f64743b07bf90a383f88b55997a0bf379756dc0c40fd5905eb83be4031f4776
4be5ae2631ff960ac59b83b1a73bca5f56fd5aec73d02c8547afab42eed83d0d
ssdeep: 6144:+P1UsU2DR906fVzzqDAnBbwLkFK8aiZ+i+MlZZZVrA:+P1UgDR9lNzzYAVg
dNA+4ZZV
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401008
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x1000 0x200 5.78 886abbf737703371751e2ccaebab272f
.data 0x2000 0x44000 0x43000 8.00 2230ad2638b1bed16e72953f7c3c81b6
.rsrc 0x46000 0x84000 0xa00 3.61 ab2365cb0abfdcb5337cb3f9d03da60f
( 3 imports )
> KERNEL32.DLL: AddAtomA, CancelDeviceWakeupRequest, CancelWaitableTimer, CopyFileW, DebugActiveProcess, DebugBreak, DefineDosDeviceW, EnumCalendarInfoW, ExitProcess, GetEnvironmentStrings, GetLongPathNameW, GetOverlappedResult, GetThreadTimes, GetUserDefaultLCID, GlobalFindAtomA, GlobalGetAtomNameW, LocalReAlloc, SetCalendarInfoW, SetCommTimeouts, VerLanguageNameA, WaitForMultipleObjectsEx, WaitForSingleObject, WriteProfileSectionA, lstrcpy
> USER32.DLL: ChangeDisplaySettingsExA, CharUpperA, CheckRadioButton, CopyAcceleratorTableW, DestroyCursor, DialogBoxIndirectParamW, DragDetect, DrawIconEx, EnableMenuItem, EnableScrollBar, FillRect, GetAsyncKeyState, GetKeyboardLayoutNameA, GetMenuCheckMarkDimensions, GetMessageA, GetUpdateRgn, GetWindowLongA, GetWindowTextLengthA, IsCharUpperW, PostMessageW, PostThreadMessageW, RegisterWindowMessageW, SetShellWindow, SetSystemCursor, SetUserObjectSecurity
> GDI32.DLL: CopyEnhMetaFileA, CreateDCA, CreateFontW, CreateICA, CreatePatternBrush, EnumMetaFile, Escape, ExtEscape, GdiFlush, GdiPlayDCScript, GetCharWidthA, GetKerningPairsW, GetPolyFillMode, GetTextExtentExPointA, GetViewportExtEx, GetViewportOrgEx, LPtoDP, PolyPolygon, Polygon, RectInRegion, RectVisible, SelectObject, SetArcDirection, SetEnhMetaFileBits, SetPixel, SetViewportOrgEx, SetWinMetaFileBits
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=0F166C2900A2BEA340D7049BCD8DBE00850A8D0A
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=4f86af63d2df938148acf090f5ce73bd
[/QUOTE]
-
[CODE][B]a-squared 4.0.0.73 2009.01.03 Win32.SuspectCrc!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.03 TR/Crypt.XDR.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Trojan-gen {Other}[/B]
[B]AVG 8.0.0.199 2009.01.03 Generic12.AIDL
BitDefender 7.2 2009.01.04 Dropped:Trojan.Generic.1267262[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
[B]DrWeb 4.44.0.09170 2009.01.04 Trojan.MulDrop.29356[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
F-Secure 8.0.14470.0 2009.01.04 -
[B]Fortinet 3.117.0.0 2009.01.04 PossibleThreat
GData 19 2009.01.04 Dropped:Trojan.Generic.1267262
Ikarus T3.1.1.45.0 2009.01.03 Win32.SuspectCrc[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.04 Trojan.Win32.VB.ihj[/B]
McAfee 5483 2009.01.03 -
[B][COLOR="Red"]McAfee+Artemis 5483 2009.01.03 Generic!Artemis[/COLOR][/B]
Microsoft 1.4205 2009.01.04 -
[B]NOD32 3734 2009.01.03 a variant of Win32/Injector.GL
Norman 5.80.02 2009.01.02 W32/Smalltroj.KBEI
Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.04 -
Rising 21.10.62.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Crypt.XDR.Gen
Sophos 4.37.0 2009.01.04 Sus/Behav-1018
Sunbelt 3.2.1809.2 2008.12.22 BehavesLike.Win32.Malware (v)[/B]
Symantec 10 2009.01.04 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.04 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -[/CODE]
Additional information
File size: 792256 bytes
MD5...: a19d9ce5f4c3e1cb58a5b828b125afa6
SHA1..: 9947b55d8bfae5033ae7c7b8b01e36d2d6dda6cf
SHA256: 9aa6df47bf19f8ac113acb4caa0dcc5f18444671f702a20b2034af97a5d59069
SHA512: fc2bd9e8c527f9f6c4e8fb34803fee36363e1036a320631ccf0d739f496480a4
7f621ac4de1d46c09427141b65f76370d00365b9042f63e92d623a9961dc01d4
-
File [B]tLBq.exe[/B] received on 2009.01.06 19:27:13 (CET)
[quote][COLOR=Red][B]a-squared 4.0.0.73 2009.01.06 Trojan-Spy.Win32.Zbot.djy!IK
AhnLab-V3 2009.1.6.3 2009.01.06 Win32/IRCBot.worm.variant
AntiVir 7.9.0.45 2009.01.06 TR/Crypt.XPACK.Gen
Authentium 5.1.0.4 2009.01.05 W32/Trojan2.CKMB
Avast 4.8.1281.0 2009.01.06 Win32:Zbot-AIO
AVG 8.0.0.199 2009.01.06 Win32/Heur
BitDefender 7.2 2009.01.06 Trojan.Wsnpoem.K[/B][/COLOR]
CAT-QuickHeal 10.00 2009.01.06 -
[COLOR=Red][B]ClamAV 0.94.1 2009.01.06 Trojan.Zbot-1823[/B][/COLOR]
Comodo 884 2009.01.06 -
[COLOR=Red][B]DrWeb 4.44.0.09170 2009.01.06 Trojan.Packed.511[/B][/COLOR]
eTrust-Vet 31.6.6293 2009.01.06 -
[COLOR=Red][B]Ewido 4.0 2008.12.31 Logger.Zbot.aez
F-Prot 4.4.4.56 2009.01.05 W32/Trojan2.CKMB[/B][/COLOR]
F-Secure 8.0.14470.0 2009.01.06 -
[COLOR=Red][B]Fortinet 3.117.0.0 2009.01.06 W32/Zbot.W!tr
GData 19 2009.01.06 Trojan.Wsnpoem.K
Ikarus T3.1.1.45.0 2009.01.06 Trojan-Spy.Win32.Zbot.djy
K7AntiVirus 7.10.578 2009.01.06 Trojan-Spy.Win32.Zbot.djy[/B][/COLOR]
Kaspersky 7.0.0.125 2009.01.06 -
[COLOR=Red][B]McAfee 5486 2009.01.05 PWS-Zbot.gen.c
McAfee+Artemis 5487 2009.01.06 PWS-Zbot.gen.c
Microsoft 1.4205 2009.01.06 Trojan:Win32/Zbot.BD
NOD32 3743 2009.01.06 a variant of Win32/Spy.Agent.PZ
Norman 5.80.02 2009.01.06 W32/Zbot.APJ[/B][/COLOR]
Panda 9.0.0.4 2009.01.06 -
PCTools 4.4.2.0 2009.01.06 -
Prevx1 V2 2009.01.06 -
Rising 21.11.12.00 2009.01.06 -
[COLOR=Red][B]SecureWeb-Gateway 6.7.6 2009.01.06 Trojan.Crypt.XPACK.Gen
Sophos 4.37.0 2009.01.06 Mal/TibsPak[/B][/COLOR]
Sunbelt 3.2.1809.2 2008.12.22 -
[COLOR=Red][B]Symantec 10 2009.01.06 Infostealer.Notos!gen[/B][/COLOR]
TheHacker 6.3.1.4.205 2009.01.05 -
[COLOR=Red][B]TrendMicro 8.700.0.1004 2009.01.06 Cryp_Zbot
VBA32 3.12.8.10 2009.01.05 Trojan-Spy.Win32.Zbot.djy
ViRobot 2009.1.6.1546 2009.01.06 Trojan.Win32.Zbot.90112[/B][/COLOR]
VirusBuster 4.5.11.0 2009.01.06 -[/quote]
Additional information
File size: 49624 bytes
MD5...: bc1432c0b30fc6fb41ca94ce116a9dc6
-
File key.EXE received on 2009.01.09 14:35:56 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.09 Tool.DOS.SimulatedVirus.B!IK[/B]
AhnLab-V3 2009.1.9.2 2009.01.09 -
[B]AntiVir 7.9.0.45 2009.01.09 SPR/Fake.CscSimX[/B]
Authentium 5.1.0.4 2009.01.08 -
Avast 4.8.1281.0 2009.01.08 -
[B]AVG 8.0.0.229 2009.01.09 DOS.Generic_c.J[/B]
[B]BitDefender 7.2 2009.01.09 Application.Viremul.B[/B]
CAT-QuickHeal 10.00 2009.01.09 -
[B]ClamAV 0.94.1 2009.01.09 DOS.Simulated.Virus[/B]
[B]Comodo 895 2009.01.08 Application.SimulatedVir[/B]
[B]DrWeb 4.44.0.09170 2009.01.09 Tool.VirEmul[/B]
[B]eSafe 7.0.17.0 2009.01.08 Dos.4907[/B]
eTrust-Vet 31.6.6299 2009.01.09 -
F-Prot 4.4.4.56 2009.01.08 -
F-Secure 8.0.14470.0 2009.01.09 -
[B]Fortinet 3.117.0.0 2009.01.09 Misc/Simulated[/B]
[B]GData 19 2009.01.09 Application.Viremul.B[/B]
[B]Ikarus T3.1.1.45.0 2009.01.09 Tool.DOS.SimulatedVirus.B[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.09 -
[B]McAfee 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]McAfee+Artemis 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]Microsoft 1.4205 2009.01.09 Tool:DOS/SimulatedVirus.B[/B]
[B]NOD32 3754 2009.01.09 SimulatedVir[/B]
Norman 5.99.02 2009.01.09 -
[B]Panda 9.4.3.3 2009.01.09 Lepe.2818[/B]
PCTools 4.4.2.0 2009.01.09 -
[B]Prevx1 V2 2009.01.09 Malicious Software[/B]
Rising 21.11.42.00 2009.01.09 -
[B]SecureWeb-Gateway 6.7.6 2009.01.09 Riskware.Fake.CscSimX[/B]
Sophos 4.37.0 2009.01.09 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.09 -
TheHacker 6.3.1.4.214 2009.01.09 -
TrendMicro 8.700.0.1004 2009.01.09 -
VBA32 3.12.8.10 2009.01.08 -
ViRobot 2009.1.9.1552 2009.01.09 -
VirusBuster 4.5.11.0 2009.01.08 -[/CODE]
Additional information
File size: 2818 bytes
MD5...: 9435eae54f53fb1e7517b2dbad8e4caf
[size="1"][color="#666686"][B][I]Added 10 minutes later[/I][/B][/color][/size]
File hosts.EXE received on 2009.01.09 14:45:13 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.09 Tool.DOS.SimulatedVirus.A!IK[/B]
AhnLab-V3 2009.1.9.2 2009.01.09 -
AntiVir 7.9.0.54 2009.01.09 -
[B]Authentium 5.1.0.4 2009.01.08 Intended_Virus!e2da[/B]
Avast 4.8.1281.0 2009.01.08 -
[B]AVG 8.0.0.229 2009.01.09 DOS.Generic_c.R[/B]
[B]BitDefender 7.2 2009.01.09 Application.Dropper.A[/B]
CAT-QuickHeal 10.00 2009.01.09 -
[B]ClamAV 0.94.1 2009.01.09 DOS.Simulated.Virus[/B]
[B]Comodo 895 2009.01.08 Application.SimulatedVir[/B]
[B]DrWeb 4.44.0.09170 2009.01.09 Tool.VirEmul[/B]
[B]eSafe 7.0.17.0 2009.01.08 Dos.Balooch[/B]
eTrust-Vet 31.6.6300 2009.01.09 -
[B]F-Prot 4.4.4.56 2009.01.08 Intended_Virus!e2da[/B]
[B]Fortinet 3.117.0.0 2009.01.09 W32/Music[/B]
[B]GData 19 2009.01.09 Application.Dropper.A[/B]
[B]Ikarus T3.1.1.45.0 2009.01.09 Tool.DOS.SimulatedVirus.A[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.09 -
[B]McAfee 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]McAfee+Artemis 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]Microsoft 1.4205 2009.01.09 Tool:DOS/SimulatedVirus.A[/B]
[B]NOD32 3754 2009.01.09 SimulatedVir[/B]
Panda 9.4.3.3 2009.01.09 -
PCTools 4.4.2.0 2009.01.09 -
Rising 21.11.42.00 2009.01.09 -
SecureWeb-Gateway 6.7.6 2009.01.09 -
[B]Sophos 4.37.0 2009.01.09 Junk/Music sim[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.09 -
TheHacker 6.3.1.4.214 2009.01.09 -
TrendMicro 8.700.0.1004 2009.01.09 -
VBA32 3.12.8.10 2009.01.08 -
ViRobot 2009.1.9.1552 2009.01.09 -
VirusBuster 4.5.11.0 2009.01.08 -[/CODE]
Additional information
File size: 2974 bytes
MD5...: c7c76758a017faf547d006691fdf575d
-
File innounp.exe received on 2009.01.12 17:19:17 (CET)
Current status: finished
Result: 25/37 (67.57%)
[QUOTE]Antivirus Version Last Update Result
[COLOR="Red"]a-squared 4.0.0.73 2009.01.12 Virus.Win32.Trojan!IK[/COLOR]
[COLOR="#ff0000"]AhnLab-V3 2009.1.10.0 2009.01.12 Packed/Upack[/COLOR]
AntiVir 7.9.0.54 2009.01.12 -
[COLOR="#ff0000"]Authentium 5.1.0.4 2009.01.12 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.12 Win32:Trojan-gen {Other}
AVG 8.0.0.229 2009.01.12 Generic10.XFN[/COLOR]
BitDefender 7.2 2009.01.12 -
[COLOR="#ff0000"]CAT-QuickHeal 10.00 2009.01.12 (Suspicious) - DNAScan[/COLOR]
ClamAV 0.94.1 2009.01.12 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
[COLOR="#ff0000"]eSafe 7.0.17.0 2009.01.12 Suspicious File[/COLOR]
eTrust-Vet 31.6.6304 2009.01.12 -
[COLOR="#ff0000"]F-Prot 4.4.4.56 2009.01.12 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.12 W32/Packed_Upack.A
Fortinet 3.117.0.0 2009.01.11 PossibleThreat
GData 19 2009.01.12 Win32:Trojan-gen {Other}
Ikarus T3.1.1.45.0 2009.01.12 Virus.Win32.Trojan
K7AntiVirus 7.10.584 2009.01.09 Trojan.Win32.Malware.1[/COLOR]
Kaspersky 7.0.0.125 2009.01.12 -
[COLOR="#ff0000"]McAfee 5492 2009.01.11 Generic.dx
McAfee+Artemis 5492 2009.01.11 Generic.dx[/COLOR]
Microsoft 1.4205 2009.01.12 -
NOD32 3759 2009.01.12 -
[COLOR="#ff0000"]Norman 5.93.01 2009.01.12 W32/Packed_Upack.A
Panda 9.4.3.3 2009.01.11 Trj/Lineage.BZE
PCTools 4.4.2.0 2009.01.12 Packed/Upack
Prevx1 V2 2009.01.12 Malicious Software[/COLOR]
Rising 21.12.02.00 2009.01.12 -
[COLOR="#ff0000"]SecureWeb-Gateway 6.7.6 2009.01.12 Trojan.PSW.LooksLike.Sagic
Sophos 4.37.0 2009.01.12 Sus/ComPack-C
Sunbelt 3.2.1831.2 2009.01.09 Trojan.Win32.Packed.gen (v)
TheHacker 6.3.1.4.218 2009.01.11 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2009.01.12 TROJ_PACKED.ECJ[/COLOR]
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.12.1554 2009.01.12 -
[COLOR="#ff0000"]VirusBuster 4.5.11.0 2009.01.12 Packed/Upack[/COLOR]
Additional information
File size: 94564 bytes
MD5...: 8a93c3415a3ebc7cf4ebd5ace6cb062d
SHA1..: c812b4f41d318a83e6ae71375e01c8a644fab697
SHA256: 9f13fd5d3cac4362c0523c98b6411b1f576049017f262783bc0e5c8cc566db55
SHA512: 63f02e4d508329898188444929a390489404bb32aa1b47ca5360b3bba73dbea9
3c9e21a85ed69237833734f9a1508a0bda9a8357fad5c21487b92aeb0cfc2b7e
ssdeep: 1536:PmvVpfBxOTguIN7EhleATSP4cy01Ys/3ar6BY/0hNqY0NYLBKb/KkCtou40
89rv7:PmXfbxlWOAOX1P/3a0WNYLBO/ru4089P
PEiD..: -
TrID..: File type identification
DOS Executable Generic (100.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401018
timedatestamp.....: 0x4011b0be (Fri Jan 23 23:39:42 2004)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x63000 0x1f0 5.41 dc08bdd8c711d73e0dbdca444ea5a54b
@_G 0x64000 0x1f000 0x16f64 8.00 03a2623cf8965f89c51fd96c96ca768b
8F@ 0x83000 0x1000 0x1f0 5.41 dc08bdd8c711d73e0dbdca444ea5a54b
( 0 imports )
( 0 exports )
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=8a93c3415a3ebc7cf4ebd5ace6cb062d
packers (Kaspersky): PE_Patch, UPack
packers (Authentium): UPack
packers (F-Prot): UPack
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=D5F7FF8364CF5375711701B8DDD94100EB95778A[/QUOTE]
-
File autorun.rar received on 2009.01.12 20:04:59 (CET)
Current status: finished
Result: 5/38 (13.16%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.12 -
AhnLab-V3 2009.1.10.0 2009.01.12 -
AntiVir 7.9.0.54 2009.01.12 -
Authentium 5.1.0.4 2009.01.12 -
Avast 4.8.1281.0 2009.01.12 -
AVG 8.0.0.229 2009.01.12 -
BitDefender 7.2 2009.01.12 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.12 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6301 2009.01.10 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.12 -
Fortinet 3.117.0.0 2009.01.11 -
GData 19 2009.01.12 -
Ikarus T3.1.1.45.0 2009.01.12 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.12 -
[B]McAfee 5493 2009.01.12 W32/Conficker.worm!inf
McAfee+Artemis 5493 2009.01.12 W32/Conficker.worm!inf
Microsoft 1.4205 2009.01.12 Worm:Win32/Conficker.B!inf[/B]
NOD32 3759 2009.01.12 -
Norman 5.93.01 2009.01.12 -
[B]Panda 9.4.3.3 2009.01.12 W32/Conficker.C.worm[/B]
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.12 -
Rising 21.12.02.00 2009.01.12 -
SecureWeb-Gateway 6.7.6 2009.01.12 -
Sophos 4.37.0 2009.01.12 -
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.12 W32.Downadup!autorun[/B]
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.12 -
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.12.1554 2009.01.12 -
VirusBuster 4.5.11.0 2009.01.12 -[/QUOTE]
Additional information
File size: 29663 bytes
MD5...: 21b0f00ae0d46d52c88a78b542f4bfa5
SHA1..: 0cc575c1fddd6796b9809c4ae438082ed0064357
SHA256: 2f09ce46b26377de1b6b8d46d524ed561ce05d7e3a8295781ee003ec779b48ae
SHA512: a43e74319726e8522c718a33cea595ff3c5007cf03ca2540200e2f80e46a78ad
a3ab495154a6a30fca62d4f1db5731b4afb6b6a7bb4626db98e92cb1fbad144f
ssdeep: 768:bT0GDmiHNP4bwGjUcfazYSRzH6qIUBCl+m:30imiHNP4kGjYN5aqIUBCl+m
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
packers (F-Prot): Unicode
-
File setup.exe received on 2009.01.13 15:37:30 (CET)
Current status: finished
Result: 9/38 (23.69%)
[QUOTE]
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
[B]AVG 8.0.0.229 2009.01.13 SHeur2.KOR.dropper[/B]
[B]BitDefender 7.2 2009.01.13 Trojan.Vundo.GGF[/B]
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
[B]eSafe 7.0.17.0 2009.01.12 Suspicious File[/B]
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
[B]GData 19 2009.01.13 Trojan.Vundo.GGF[/B]
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
[B]McAfee+Artemis 5493 2009.01.12 Generic!Artemis[/B]
[B]Microsoft 1.4205 2009.01.13 Trojan:Win32/AgentBypass.gen!I[/B]
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.13 -
[B]Panda 9.5.1.2 2009.01.13 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.13 -
[B]Prevx1 V2 2009.01.13 Malicious Software[/B]
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Trojan.Win32.Packed.gen (v)[/B]
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Additional information
File size: 5512192 bytes
MD5...: fcd73882f7cfca40d9283c0df2ad375e
SHA1..: 2dcac82db6726466e8491a746d7157630e879eb5
SHA256: 61201460005f89e05e4ef34b8156a03e4dcb5b93db6006265947c028cf18eea1
SHA512: 9893cf69f04ff0321dae133b677f76fa7057fae86cd3fc7adb779b6a526df8b7
3d42d45a0968f634d460b536e68c790876872a5f8e43081d7cb1b92a12a396cd
ssdeep: 98304:hv0s8YL870pr14I/jxikW+IvJvK7pcr2xVeRjlobkSPuxhqjBpd+0RpA44
a:1Dfpr14I/jxRyJv+qKAoASPuxmpd+0Rr
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x100645c
timedatestamp.....: 0x480251cd (Sun Apr 13 18:32:45 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x99c8 0x9a00 6.58 fd7744c26c2bf4d279968be94b283b11
.data 0xb000 0x1be4 0x400 4.25 99858e86526942a66950c7139f78a725
.rsrc 0xd000 0x537868 0x537a00 8.00 a049d0a5dd3dbe7ef6ec019c9e94b6a6
( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, lstrlenA, GetModuleFileNameA, GetSystemDirectoryA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, lstrcpyA, GlobalFree, GlobalUnlock, GlobalLock, GlobalAlloc, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, FreeResource, GetProcAddress, LoadResource, SizeofResource, FindResourceA, lstrcatA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, LockResource
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=361A4EEA00420789B602008C240A1900095139A6
packers (F-Prot): CAB, ZIP
[/QUOTE]
-
File csrcs-.exe received on 2009.01.14 05:23:20 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.14 Trojan.Win32.Autoit.dt!IK
AhnLab-V3 2009.1.13.3 2009.01.14 Win-Trojan/Midgare.229888.B
AntiVir 7.9.0.54 2009.01.13 TR/Autoit.fi.420388
Authentium 5.1.0.4 2009.01.13 W32/Trojan2.FKMP
Avast 4.8.1281.0 2009.01.13 Win32:Trojan-gen {Other}
AVG 8.0.0.229 2009.01.13 Worm/Autoit.LYM
BitDefender 7.2 2009.01.14 Trojan.Generic.1175909
CAT-QuickHeal 10.00 2009.01.12 TrojanDownloader.Small.agrv
ClamAV 0.94.1 2009.01.13 Worm.Autorun-1793
[/B]Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
[B]eSafe 7.0.17.0 2009.01.13 Suspicious File
[/B]eTrust-Vet 31.6.6306 2009.01.13 -
[B]F-Prot 4.4.4.56 2009.01.13 W32/Trojan2.FKMP
F-Secure 8.0.14470.0 2009.01.14 Trojan.Win32.Autoit.fi
[/B]Fortinet 3.117.0.0 2009.01.14 -
[B]GData 19 2009.01.14 Trojan.Generic.1175909
Ikarus T3.1.1.45.0 2009.01.14 Trojan.Win32.Autoit.dt
K7AntiVirus 7.10.584 2009.01.09 Trojan.Win32.Midgare.rdk
Kaspersky 7.0.0.125 2009.01.14 Trojan.Win32.Autoit.fi
McAfee 5494 2009.01.13 W32/Autorun.worm.zf.gen
McAfee+Artemis 5494 2009.01.13 W32/Autorun.worm.zf.gen
Microsoft 1.4205 2009.01.13 Worm:AutoIt/Renocide.gen!A
NOD32 3763 2009.01.13 Win32/Packed.Autoit.Gen
Norman 5.93.01 2009.01.13 W32/Agent.JIIR
Panda 9.5.1.2 2009.01.13 W32/Autoit.Z
[/B]PCTools 4.4.2.0 2009.01.13 -
Prevx1 V2 2009.01.14 -
Rising 21.12.20.00 2009.01.14 -
[B]SecureWeb-Gateway 6.7.6 2009.01.13 Trojan.Autoit.fi.420388[/B]
Sophos 4.37.0 2009.01.13 Sus/Behav-1011
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.14 W32.Harakit
TheHacker 6.3.1.4.219 2009.01.14 Trojan/Autoit.gs
TrendMicro 8.700.0.1004 2009.01.14 WORM_AUTORUN.HP
[/B]VBA32 3.12.8.10 2009.01.13 -
ViRobot 2009.1.14.1557 2009.01.14 -
VirusBuster 4.5.11.0 2009.01.13 -[/CODE]
Additional information
File size: 420360 bytes
MD5...: e297074d0a30c50ef6d227a362261685
SHA1..: 851d5403686594bd1752ef827aaed440f88e983e
SHA256: 6736a1ef071073c2e949168573730f33cca14a3f6d4a5848c4d9d4f1d647adca
SHA512: 827dbb1bd64e3c1fa731d8b890bf17f555ba68138818ecb796a95bf65cef601b
9446996bd519a25421871d0b397c458c0d95ca4d3126dc05ef85813563f648c9
ssdeep: 12288:tnNhuBoY8SorxgmA+nlvVl/2RSHOJGBaObFR4U:tPatCg7EPt2SOEoOQU
PEiD..: -
[size="1"][color="#666686"][B][I]Added 8 minutes later[/I][/B][/color][/size]
File autorun.inf received on 2009.01.14 05:29:51 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.14 -
AhnLab-V3 2009.1.13.3 2009.01.14 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
[B]AVG 8.0.0.229 2009.01.13 Worm/AutoRun
BitDefender 7.2 2009.01.14 Trojan.AutorunINF.Gen
[/B]CAT-QuickHeal 10.00 2009.01.12 -
[B]ClamAV 0.94.1 2009.01.13 Worm.Autorun-1792[/B]
Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
eSafe 7.0.17.0 2009.01.13 -
[B]eTrust-Vet 31.6.6306 2009.01.13 INF/Frethog[/B]
F-Prot 4.4.4.56 2009.01.13 -
[B]F-Secure 8.0.14470.0 2009.01.14 BAT/AutoRun.AE[/B]
Fortinet 3.117.0.0 2009.01.14 -
[B]GData 19 2009.01.14 Trojan.AutorunINF.Gen[/B]
Ikarus T3.1.1.45.0 2009.01.14 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.14 -
McAfee 5494 2009.01.13 -
McAfee+Artemis 5494 2009.01.13 -
Microsoft 1.4205 2009.01.13 -
NOD32 3763 2009.01.13 -
[B]Norman 5.93.01 2009.01.13 BAT/AutoRun.AE[/B]
Panda 9.5.1.2 2009.01.13 -
PCTools 4.4.2.0 2009.01.13 -
Prevx1 V2 2009.01.14 -
Rising 21.12.20.00 2009.01.14 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
[B]Sophos 4.37.0 2009.01.14 W32/Yahlov-A
Sunbelt 3.2.1831.2 2009.01.09 INF.Autorun (v)[/B]
Symantec 10 2009.01.14 -
TheHacker 6.3.1.4.219 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.14 -
VBA32 3.12.8.10 2009.01.13 -
ViRobot 2009.1.14.1557 2009.01.14 -
[B]VirusBuster 4.5.11.0 2009.01.13 INF.Autorun.Gen[/B][/CODE]
Additional information
File size: 473 bytes
MD5...: 6ed92792d0051fbc0a84d6aea3a8970a
SHA1..: 688d1291f9a62e37bbc2c716526deb5969467094
SHA256: e8ee51ea254861ff70bd860ee1c9b8c5cb5cf27480cd66be199e83ddeaebdeb2
SHA512: 9dc6de65f9f55e2a9e35fcf549f2cfbce0f755b78cbcb9f3b4211b0de0360948
1aaa2a2e50e2baef309c8165ac04abca755a61aa0a8d182ebdf1e67073914b74
ssdeep: 12:ZbgpDMbuRuuPM5BXiheTmNXq4izKswQwMDzrMRi:6F0ud4Bkqm3SwQV04
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
-
File Virus.Win32.Parite.d received on 2009.01.14 10:50:22 (CET)
Current status: finished
Result: [B]31/38[/B] (81.58%)
[QUOTE][B]a-squared 4.0.0.73 2009.01.14 Backdoor.Rbot!IK[/B]
AhnLab-V3 2009.1.13.3 2009.01.14 -
[B]AntiVir 7.9.0.54 2009.01.13 W32/Parite
Authentium 5.1.0.4 2009.01.13 W32/Parite.D
Avast 4.8.1281.0 2009.01.13 Win32:Parite
AVG 8.0.0.229 2009.01.13 BackDoor.RBot.EL
BitDefender 7.2 2009.01.14 Win32.Parite.D
CAT-QuickHeal 10.00 2009.01.14 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.01.14 W32.Parite.B
Comodo 927 2009.01.13 Virus.Win32.Parite.d
DrWeb 4.44.0.09170 2009.01.14 Win32.Parite.4
eSafe 7.0.17.0 2009.01.13 Virus.Win32.Parite.d[/B]
eTrust-Vet 31.6.6307 2009.01.14 -
[B]F-Prot 4.4.4.56 2009.01.13 W32/Spybot.BFC
F-Secure 8.0.14470.0 2009.01.14 Virus.Win32.Parite.d
Fortinet 3.117.0.0 2009.01.14 W32/Parite.B
GData 19 2009.01.14 Win32.Parite.D
Ikarus T3.1.1.45.0 2009.01.14 Backdoor.Rbot[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B]Kaspersky 7.0.0.125 2009.01.14 Virus.Win32.Parite.d
McAfee 5494 2009.01.13 W32/Pate.d
McAfee+Artemis 5494 2009.01.13 W32/Pate.d
Microsoft 1.4205 2009.01.14 Virus:Win32/Parite.D
NOD32 3763 2009.01.13 Win32/Parite.D
Norman 5.93.01 2009.01.13 W32/Spybot.BNKS
Panda 9.5.1.2 2009.01.13 Generic Malware[/B]
PCTools 4.4.2.0 2009.01.13 -
[B]Prevx1 V2 2009.01.14 Malicious Software
Rising 21.12.22.00 2009.01.14 Win32.Parite.d
SecureWeb-Gateway 6.7.6 2009.01.14 Win32.Parite
Sophos 4.37.0 2009.01.14 W32/Parite-A
Sunbelt 3.2.1831.2 2009.01.09 Backdoor.IRCBot
Symantec 10 2009.01.14 W32.Spybot.Worm[/B]
TheHacker 6.3.1.4.219 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.14 PE_PATE.D
VBA32 3.12.8.10 2009.01.13 Win32.Parite.D[/B]
ViRobot 2009.1.14.1558 2009.01.14 -
VirusBuster 4.5.11.0 2009.01.13 -[/QUOTE]
-
File autorun.exe received on 01.15.2009 04:56:27 (CET)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Trojan-PWS.Legmir!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.14 -
[B]AntiVir 7.9.0.54 2009.01.14 CC/UKMalw.LB
Authentium 5.1.0.4 2009.01.14 W32/Trojan.BWKV[/B]
Avast 4.8.1281.0 2009.01.14 -
[B]AVG 8.0.0.229 2009.01.14 Generic12.PHK[/B]
BitDefender 7.2 2009.01.15 -
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 Trojan.Agent-17889
Comodo 931 2009.01.14 TrojWare.Win32.PWS.Agent.AAA[/B]
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.14 Win32.Backdoor.EggDr
[/B]eTrust-Vet 31.6.6308 2009.01.15 -
[B]F-Prot 4.4.4.56 2009.01.14 W32/Trojan.BWKV[/B]
F-Secure 8.0.14470.0 2009.01.15 -
[B]Fortinet 3.117.0.0 2009.01.15 Generic.A!tr[/B]
GData 19 2009.01.15 -
[B]Ikarus T3.1.1.45.0 2009.01.15 Trojan-PWS.Legmir
K7AntiVirus 7.10.584 2009.01.09 Trojan-Spy.Win32.BZub.Family
[/B]Kaspersky 7.0.0.125 2009.01.15 -
[B]McAfee 5495 2009.01.14 Generic Packed
McAfee+Artemis 5495 2009.01.14 Generic Packed[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3767 2009.01.15 -
[B]Norman 5.93.01 2009.01.13 W32/Malware.dam[/B]
Panda 9.5.1.2 2009.01.14 -
[B]PCTools 4.4.2.0 2009.01.14 Trojan.Agent.EAPN
Prevx1 V2 2009.01.15 System Back Door[/B]
Rising 21.12.30.00 2009.01.15 -
[B]SecureWeb-Gateway 6.7.6 2009.01.15 Virus.UKMalw.LB[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Trojan-PWS.LegMir
Symantec 10 2009.01.15 Backdoor.EggDrop
TheHacker 6.3.1.4.220 2009.01.14 Trojan/Legmir.gen
TrendMicro 8.700.0.1004 2009.01.14 TROJ_LEGMIR.AL
VBA32 3.12.8.10 2009.01.14 Trojan.PWS.Legmir
ViRobot 2009.1.14.1559 2009.01.14 Trojan.Win32.PSWLmir.61440.C
VirusBuster 4.5.11.0 2009.01.14 Trojan.Agent.EAPN[/B][/QUOTE]
Additional information
File size: 61440 bytes
MD5...: 9a667611eb788402ccadd829e29a4184
SHA1..: 1b28150e07c4da97c7f343f63acf8a468a5f3733
SHA256: 4849c6b6f0575b511cbdda7ae3cbb6d88520b7093db32d52791c022d2526aa32
SHA512: 6efc167db4174c8cb31041b4c6dbf07edd7691e1b4855748c824d9e566633daa
c1d5c8ba06f9ea2373f9c6711aff67eeadf6056094b99e8bf577a23d35ed8fb3
ssdeep: 768:nsj44SFkaaLPP+GizfclAzfvy1NQ/zY09OiJos/yQ:U44xeGYnzfvy1NQGio
s7
PEiD..: Armadillo v1.71
-
File autorun.inf
[QUOTE]File avz00001.dta received on 2009.01.15 12:06:46 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 19/39 (48.72%)
Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Trojan.Autorun.TE!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 BV:AutoRun-G
AVG 8.0.0.229 2009.01.15 Worm/AutoRun.BR
BitDefender 7.2 2009.01.15 Trojan.Autorun.TE[/B]
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 BAT.Autorun-8[/B]
Comodo 932 2009.01.15 -
[B][COLOR="Red"]DrWeb 4.44.0.09170 2009.01.15 -[/COLOR][/B]
eSafe 7.0.17.0 2009.01.14 -
[B]eTrust-Vet 31.6.6309 2009.01.15 INF/Hamweq[/B]
F-Prot 4.4.4.56 2009.01.14 -
[B]F-Secure 8.0.14470.0 2009.01.15 BAT/AutoRun.AE[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Trojan.Autorun.TE
Ikarus T3.1.1.45.0 2009.01.15 Trojan.Autorun.TE[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B][COLOR="Red"]Kaspersky 7.0.0.125 2009.01.15 -[/COLOR][/B]
[B]McAfee 5495 2009.01.14 Generic!atr
McAfee+Artemis 5495 2009.01.14 Generic!atr
Microsoft 1.4205 2009.01.15 Worm:Win32/Hamweq!inf[/B]
[COLOR="Red"][B]NOD32[/B] 3768 2009.01.15 -[/COLOR]
[B]Norman 5.93.01 2009.01.13 BAT/AutoRun.AE
nProtect 2009.1.8.0 2009.01.15 Trojan.Autorun.TE[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.14 -
Prevx1 V2 2009.01.15 -
Rising 21.12.32.00 2009.01.15 -
[COLOR="Red"][B]SecureWeb-Gateway 6.7.6 2009.01.15 -[/B][/COLOR]
[B]Sophos 4.37.0 2009.01.15 W32/HostInf-A[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
[COLOR="Red"][B]Symantec[/B] 10 2009.01.15 -[/COLOR]
[B]TheHacker 6.3.1.4.220 2009.01.14 Trojan/Small.autorun
TrendMicro 8.700.0.1004 2009.01.15 Mal_Otorun1[/B]
VBA32 3.12.8.10 2009.01.14 -
[B]ViRobot 2009.1.15.1560 2009.01.15 INF.Autorun.274.K[/B]
[B]VirusBuster 4.5.11.0 2009.01.14 INF.Autorun.Gen[/B][/QUOTE]
[size="1"][color="#666686"][B][I]Added after 2 hours 9 minutes[/I][/B][/color][/size]
File twex_exe received on 2009.01.15 14:17:59 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 19/39 (48.72%)
[QUOTE]
Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.15 -
[B]AhnLab-V3 2009.1.15.0 2009.01.15 Win32/IRCBot.worm.variant[/B]
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 Win32:Zbot-AVH
AVG 8.0.0.229 2009.01.15 Generic12.WWQ
BitDefender 7.2 2009.01.15 Backdoor.Bot.68054[/B]
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 Trojan.Zbot-2903[/B]
Comodo 932 2009.01.15 -
[B]DrWeb 4.44.0.09170 2009.01.15 Trojan.PWS.Panda.31[/B]
eSafe 7.0.17.0 2009.01.15 -
[B]eTrust-Vet 31.6.6309 2009.01.15 Win32/VMalum.EKDU[/B]
F-Prot 4.4.4.56 2009.01.14 -
F-Secure 8.0.14470.0 2009.01.15 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Backdoor.Bot.68054[/B]
Ikarus T3.1.1.45.0 2009.01.15 -
[B]K7AntiVirus 7.10.584 2009.01.09 Trojan-Spy.Win32.Zbot.hme[/B]
Kaspersky 7.0.0.125 2009.01.15 -
McAfee 5495 2009.01.14 -
McAfee+Artemis 5495 2009.01.14 -
[B]Microsoft 1.4205 2009.01.15 TrojanSpy:Win32/Zbot.gen!C
NOD32 3768 2009.01.15 a variant of Win32/Kryptik.DB
Norman 5.93.01 2009.01.13 W32/Malware.EQSW
nProtect 2009.1.8.0 2009.01.15 Trojan-Spy/W32.ZBot.148480[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.15 -
Prevx1 V2 2009.01.15 -
[B]Rising 21.12.32.00 2009.01.15 Trojan.Spy.Win32.Zbot.fak[/B]
SecureWeb-Gateway 6.7.6 2009.01.15 -
[B]Sophos 4.37.0 2009.01.15 Mal/Zbot-H[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.15 Infostealer.Banker.C
TheHacker 6.3.1.4.220 2009.01.14 Trojan/Spy.Zbot.hme[/B]
TrendMicro 8.700.0.1004 2009.01.15 -
[B]VBA32 3.12.8.10 2009.01.14 Trojan-Spy.Win32.Zbot.hme[/B]
ViRobot 2009.1.15.1560 2009.01.15 -
[B]VirusBuster 4.5.11.0 2009.01.14 TrojanSpy.ZBot.Gen!Pac.6[/B][/QUOTE]
[size="1"][color="#666686"][B][I]Added after 1 minute[/I][/B][/color][/size]
File pe044_sys received on 2009.01.15 14:15:44 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 12/39 (30.77%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Agent.VGV!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 Win32:Agent-VGV
AVG 8.0.0.229 2009.01.15 BackDoor.Ntrootkit.AM
BitDefender 7.2 2009.01.15 Trojan.Dropper.SFO[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.14 -
[B]F-Secure 8.0.14470.0 2009.01.15 Trojan-Dropper.Win32.Agent.stj[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Trojan.Dropper.SFO
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Agent.VGV[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B]Kaspersky 7.0.0.125 2009.01.15 Trojan-Dropper.Win32.Agent.stj[/B]
McAfee 5495 2009.01.14 -
McAfee+Artemis 5495 2009.01.14 -
Microsoft 1.4205 2009.01.15 -
NOD32 3768 2009.01.15 -
Norman 5.93.01 2009.01.13 -
[B]nProtect 2009.1.8.0 2009.01.15 Trojan.Dropper.SFO[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.15 -
Prevx1 V2 2009.01.15 -
[B]Rising 21.12.32.00 2009.01.15 Dropper.Win32.Cutwail.t[/B]
SecureWeb-Gateway 6.7.6 2009.01.15 -
Sophos 4.37.0 2009.01.15 -
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.15 Trojan.Pandex[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 TROJ_DROPPER.AXR[/B]
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.14 -[/QUOTE]
-
File A0010364.exe received on 2009.01.15 19:57:03 (CET)
Current status: finished
Result: 18/38 (47.37%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Trojan!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.54 2009.01.15 Worm/SdBot.IW[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.15 Backdoor.Bot.8454[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.15 SuspiciousR-Mytob3[/B]
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.15 -
[B]Fortinet 3.117.0.0 2009.01.15 PossibleThreat
GData 19 2009.01.15 Backdoor.Bot.8454
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Trojan[/B]
[B]K7AntiVirus 7.10.584 2009.01.09 Backdoor.Win32.SdBot.AEGC[/B]
Kaspersky 7.0.0.125 2009.01.15 -
[B]McAfee 5496 2009.01.15 Generic.eb[/B]
[B]McAfee+Artemis 5496 2009.01.15 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3769 2009.01.15 -
Norman 5.93.01 2009.01.15 -
nProtect 2009.1.8.0 2009.01.15 -
[B]Panda 9.5.1.2 2009.01.14 W32/Gaobot.OXI.worm[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.15 System Back Door
Rising 21.12.32.00 2009.01.15 Backdoor.SdBot.syt
SecureWeb-Gateway 6.7.6 2009.01.15 Worm.SdBot.IW[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Backdoor.SDBot
Symantec 10 2009.01.15 W32.IRCBot[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 BKDR_SDBOT.EMK[/B]
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -
[/QUOTE]
File size: 3081895 bytes
MD5...: 72a571e7fc21d88228d44fdc59dc5c6d
SHA1..: c30951ece7962e9791bb5860981d71065a8a7051
SHA256: 9b3b3d7eccfc1207889a2923270f570d53d38236ac261139ea6bc87b30c11b53
SHA512: 057d006d4a61f46d397f45271b1dedc073e0763bbb2d78d33bdfb80fb31e8f66
eeb1d6fd8e0e10ab0cbe806f6f602196b5e8a1850dbabd0eb91291fabc429c1b
ssdeep: 49152:xZYrlj+PSaHxZPiefYmLeV9Ia0Uvpz0y43s7HC3dACmZfEPXbFqIpZ:e95
MLPiiYs2B0yI3UHC32CmJEDEI7
PEiD..: -
File imcast.exe received on 2009.01.15 20:07:37 (CET)
Current status: finished
Result: 17/39 (43.59%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Trojan!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.54 2009.01.15 Worm/SdBot.IW[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.15 Backdoor.Bot.8454[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
[B]Comodo 932 2009.01.15 Unclassified Malware[/B]
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.15 SuspiciousR-Mytob3[/B]
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.15 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Backdoor.Bot.8454
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Trojan[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.15 -
McAfee 5496 2009.01.15 -
[B]McAfee+Artemis 5496 2009.01.15 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3769 2009.01.15 -
[B]Norman 5.93.01 2009.01.15 W32/SDBot.AEGC
nProtect 2009.1.8.0 2009.01.15 Backdoor.Bot.8454
Panda 9.5.1.2 2009.01.14 W32/Gaobot.OXI.worm[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.15 System Back Door
Rising 21.12.32.00 2009.01.15 Backdoor.SdBot.syt
SecureWeb-Gateway 6.7.6 2009.01.15 Worm.SdBot.IW[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Backdoor.SDBot
Symantec 10 2009.01.15 W32.IRCbot[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.15 -
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -[/QUOTE]
Additional information
File size: 2084864 bytes
MD5...: b43ddd1591bb03fdcaa6db6a4b5def3e
SHA1..: 021edd86872c4212f1774b8fa4132a441da70255
SHA256: 694b76a4d42b814107e990de7abc84771c69fa5142e0ffd5001aa3a5d3f2c89f
SHA512: 3f76391a4732cc372875f540ab1456782015e06a7c8e6b4d83f1f1de72b39754
96c9bc36f3127cd3e867ed0e3b64e4fe14cadb08f4181f8d62e5cc46a4b4378a
ssdeep: 24576:qUXiFqZWuBMdWHwbAcXx1XqYsZ63bl7fPcD9lehwhmbTsOsbK7vn4VNdjl
6QppDM:7sFu6pXx160I1CUNrbM0oNlCVGT
PEiD..: Armadillo v1.71
-
File autochk.dll received on 01.16.2009 03:29:33 (CET)
Result: 10/39 (25.65%)
[CODE]
Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.16 -
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.55 2009.01.15 TR/Spy.Gen[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Spyware-gen[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.16 Trojan.Generic.1275934[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.16 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.16 Trojan.Generic.1275934[/B]
Ikarus T3.1.1.45.0 2009.01.16 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.16 -
McAfee 5496 2009.01.15 -
McAfee+Artemis 5496 2009.01.15 -
Microsoft 1.4205 2009.01.16 -
NOD32 3769 2009.01.15 -
[B]Norman 5.93.01 2009.01.15 W32/Malware.EVEF
nProtect 2009.1.8.0 2009.01.16 Trojan.Generic.1275934
Panda 9.5.1.2 2009.01.15 Generic Trojan[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.16 Worm[/B]
Rising 21.12.32.00 2009.01.15 -
[B]SecureWeb-Gateway 6.7.6 2009.01.16 Trojan.Spy.Gen[/B]
Sophos 4.37.0 2009.01.16 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.16 -
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 TSPY_AGENT.ZZR[/B]
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -
[/CODE]
Additional information
File size: 16384 bytes
MD5...: 864b2ab9501c5be2a824d5863e139ed8
SHA1..: 0ddcac074bc254b97ab0dbbf0bdef1bd799b128c
SHA256: 8e8258a7249614ac9838df5ceadde908463eda2ce22278b8b6a2b6b0c85bef22
SHA512: 75b8ffe8172aa29a664ec1bf0b309132f4254541d9c4d2a1c548ce8ae462784b
892a2279ea6e973d102c49501b51e17a732a8799d650bdb1667270f93116cbfa
ssdeep: 384:8hqiM6cZM19GxfyT/UiSc7XSLdpZKvBpZVB5Y+T:uNKIUiSPLdXcBDVB
-
File smspodmenka.jar received on 2009.01.16 16:01:13 (CET)
Current status: finished
Result: 10/39 (25.65%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.16 Trojan-SMS.J2ME.Swapi!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.16 -
AntiVir 7.9.0.55 2009.01.16 -
Authentium 5.1.0.4 2009.01.16 -
[B]Avast 4.8.1281.0 2009.01.16 Other:Malware-gen[/B]
AVG 8.0.0.229 2009.01.16 -
BitDefender 7.2 2009.01.16 -
CAT-QuickHeal 10.00 2009.01.16 -
ClamAV 0.94.1 2009.01.16 -
[B]Comodo 933 2009.01.16 TrojWare.J2ME.SMS.Swapi.c
DrWeb 4.44.0.09170 2009.01.16 Java.SMSSend.1[/B]
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6311 2009.01.16 -
F-Prot 4.4.4.56 2009.01.15 -
[B]F-Secure 8.0.14470.0 2009.01.16 Trojan-SMS.J2ME.Swapi.c[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.16 Other:Malware-gen
Ikarus T3.1.1.45.0 2009.01.16 Trojan-SMS.J2ME.Swapi[/B]
K7AntiVirus 7.10.593 2009.01.16 -
[B]Kaspersky 7.0.0.125 2009.01.16 Trojan-SMS.J2ME.Swapi.c[/B]
McAfee 5496 2009.01.15 -
McAfee+Artemis 5496 2009.01.15 -
[B]Microsoft 1.4205 2009.01.16 Trojan:Java/Swapi.C[/B]
NOD32 3771 2009.01.16 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.15 -
PCTools 4.4.2.0 2009.01.16 -
[B]Prevx1 V2 2009.01.16 Cloaked Malware[/B]
Rising 21.12.42.00 2009.01.16 -
SecureWeb-Gateway 6.7.6 2009.01.16 -
Sophos 4.37.0 2009.01.16 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.16 -
TheHacker 6.3.1.4.220 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.16 -
ViRobot 2009.1.16.1562 2009.01.16 -
VirusBuster 4.5.11.0 2009.01.15 -[/QUOTE]
Additional information
File size: 4293 bytes
MD5...: 8c04cde53fbf4c00ed53c0ad3fd0d3e7
SHA1..: 8a802bb7b53c2e5353c5ec490ab963c423b85e97
SHA256: 7391c65fa3d89fa33f75933b6f4790982a2340719ca35a5f86cfd56b33555b93
SHA512: aafdfadad9e826c723f911760f5ae8bf661b24bcc11d455d55c224a84b86daab
9b0a44745f9a0ddf81b8088e2761158d9eca27f72abb629f058f4991c500b89e
ssdeep: 96:gcFXq9sIgtFSf9rph6w2TXX4qbvtmH+0vv/hXUhSi1YJ:gcFXEskH2TYAvIXn
/hINO
PEiD..: -
-
Another Trojan-SMS.J2ME.Swapi.c
[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.18 -
AhnLab-V3 2009.1.15.0 2009.01.17 -
AntiVir 7.9.0.57 2009.01.17 -
Authentium 5.1.0.4 2009.01.17 -
[B]Avast 4.8.1281.0 2009.01.16 Other:Malware-gen[/B]
AVG 8.0.0.229 2009.01.17 -
BitDefender 7.2 2009.01.18 -
CAT-QuickHeal 10.00 2009.01.17 -
ClamAV 0.94.1 2009.01.18 -
Comodo 935 2009.01.18 -
DrWeb 4.44.0.09170 2009.01.18 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6312 2009.01.17 -
F-Prot 4.4.4.56 2009.01.17 -
[B]F-Secure 8.0.14470.0 2009.01.18 Trojan-SMS.J2ME.Swapi.c[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.18 Other:Malware-gen[/B]
Ikarus T3.1.1.45.0 2009.01.18 -
K7AntiVirus 7.10.594 2009.01.17 -
[B]Kaspersky 7.0.0.125 2009.01.18 Trojan-SMS.J2ME.Swapi.c[/B]
McAfee 5498 2009.01.17 -
McAfee+Artemis 5498 2009.01.17 -
[B]Microsoft 1.4205 2009.01.18 Trojan:Java/Swapi.C[/B]
NOD32 3774 2009.01.17 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.18 -
PCTools 4.4.2.0 2009.01.18 -
Prevx1 V2 2009.01.18 -
Rising 21.12.62.00 2009.01.18 -
SecureWeb-Gateway 6.7.6 2009.01.17 -
Sophos 4.37.0 2009.01.18 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.18 -
TheHacker 6.3.1.5.222 2009.01.17 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.17 -
ViRobot 2009.1.17.1563 2009.01.17 -
VirusBuster 4.5.11.0 2009.01.17 -[/CODE]
[B]Additional information[/B]
File size: 270636 bytes
MD5...: 92155ab7dffbdbb37a2169d5636d1bb9
SHA1..: da0552b3bdd38e6387d1b5d683a1575accfb51f7
SHA256: 7d3045aa6ad2cf61c62be16f77e2b4f0a94d0540788f3a2e9153bda802323b13
SHA512: 48b1a85bdc78cd0d8c3510293b0f7d9c566468b2e32d1bc59b0625136bbcefcb
0aed2771a7cd51c3a545bad1211b180a00fd9278e0c07c8f36888edab34a59d5
ssdeep: 6144:QTNF0BUjiQAIqDSwI6vI3/IRKyXWXDLeNLU29JCZEvVBuNN4y7WLbUz1:Qx
F0BUjVAIqDSP6K/E2DKNAJEvKNN4y1
PEiD..: -
TrID..: File type identification
ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: -
packers (Kaspersky): PE_Patch