Исследование антивирусов 7

Файл plugin-flash.swf получен 2010.03.05 15:59:01 (UTC)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: [COLOR=red]20[/COLOR]/42 (47.62%)

[QUOTE]Антивирус Версия Обновление Результат

[B]a-squared 4.5.0.50 2010.03.05-Exploit.SWF!IK
AhnLab-V3 5.0.0.2 2010.03.05-Win-Trojan/Swf-exploit
AntiVir 8.2.1.180 2010.03.05-SWF/Drop.Agent.E.10[/B]
Antiy-AVL 2.0.3.7 2010.03.05-
[B]Authentium 5.2.0.5 2010.03.05-SWF/Obfusc.A!Camelot
Avast 4.8.1351.0 2010.03.05-SWF:Downloader-F
Avast5 5.0.332.0 2010.03.05-SWF:Downloader-F[/B]
AVG 9.0.0.730 2010.03.05-
[B]BitDefender 7.2 2010.03.05-Trojan.SWF.Dropper.E[/B]
CAT-QuickHeal 10.00 2010.03.05-
ClamAV 0.96.0.0-git 2010.03.05-
[B]Comodo 4091 2010.02.28-UnclassifiedMalware[/B]
DrWeb 5.0.1.12222 2010.03.05-
eSafe 7.0.17.0 2010.03.04-
eTrust-Vet3 5.2.7341 2010.03.05-
F-Prot 4.5.1.85 2010.03.04-
[B]F-Secure 9.0.15370.0 2010.03.05-Trojan.SWF.Dropper.E[/B]
Fortinet 4.0.14.0 2010.03.04-
[B]GData 19 2010.03.05-Trojan.SWF.Dropper.E
Ikarus T3.1.1.80.0 2010.03.05-Exploit.SWF[/B]
Jiangmin 13.0.900 2010.03.05-
K7AntiVirus 7.10.990 2010.03.04-
Kaspersky 7.0.0.125 2010.03.05-
McAfee 5910 2010.03.04-
McAfee+Artemis 5910 2010.03.04-
[B]McAfee-GW-Edition 6.8.5 2010.03.05-SWF.Drop.Agent.E.10
Microsoft 1.5502 2010.03.05-TrojanDownloader:Win32/Swif.gen!A
NOD32 4918 2010.03.05-SWF/TrojanDownloader.Swif.NAL[/B]
Norman 6.04.08 2010.03.05-
[B]nProtect 2009.1.8.0 2010.03.05-Trojan-Exploit/W32.SWFlash.16658.HL[/B]
Panda 10.0.2.2 2010.03.04-
[B]PCTools 7.0.3.5 2010.03.04-HeurEngine.MaliciousExploit[/B]
Prevx 3.0 2010.03.05-
Rising 22.37.04.04 2010.03.05-
[B]Sophos 4.51.0 2010.03.05-Troj/SWFLdr-A[/B]
Sunbelt 5759 2010.03.05-
[B]Symantec 20091.2.0.41 2010.03.05-Bloodhound.Exploit.193[/B]
TheHacker 6.5.1.7.221 2010.03.05-
[B]TrendMicro 9.120.0.1004 2010.03.05-SWF_DLOADR.AOU[/B]
VBA32 3.12.12.2 2010.03.05-
[B]ViRobot 2010.3.5.2214 2010.03.05-SWF.S.Exploit.16658[/B]
VirusBuster 5.0.27.0 2010.03.05-

Дополнительная информация
File size: 16658 bytes
MD5...: d1e5c87722e883d30ddf342dfc0e08e9
SHA1..: a4ea20afd0a0c1a27bcbee10573959d6e0aa0167
SHA256: ce2b8fb32259047cded64dc262208497a2dbb575e83c5adf12d53cbca24aa999ssdeep: 384:YC2/7Np3bJ/SSsD4vPkdexXvmsxC4/urjN1:YC+BprJ/SfMkIxXvXxK
PEiD..: -PEInfo: -RDS...: NSRL Reference Data Set[/QUOTE]

притащили на флешке в комплекте с запускающим автораном :scratch_one-s_head:
Файл USBUtil.exe получен 2010.03.10 08:47:02 (UTC)
Результат: [B][COLOR="Red"]12[/COLOR]/42[/B] (28.57%)

[QUOTE]
Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.03.10 -
AhnLab-V3 5.0.0.2 2010.03.09 -
[B]AntiVir 8.2.1.180 2010.03.09 TR/ATRAPS.Gen2[/B]
Antiy-AVL 2.0.3.7 2010.03.10 -
Authentium 5.2.0.5 2010.03.10 -
Avast 4.8.1351.0 2010.03.09 -
Avast5 5.0.332.0 2010.03.09 -
AVG 9.0.0.787 2010.03.09 -
[B]BitDefender 7.2 2010.03.10 Gen:Trojan.FirewallBypass.jmGfaSJSyXpc[/B]
CAT-QuickHeal 10.00 2010.03.10 -
ClamAV 0.96.0.0-git 2010.03.10 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.10 -
eSafe 7.0.17.0 2010.03.09 -
eTrust-Vet 35.2.7351 2010.03.10 -
F-Prot 4.5.1.85 2010.03.09 -
[B]F-Secure 9.0.15370.0 2010.03.10 Gen:Trojan.FirewallBypass.jmGfaSJSyXpc[/B]
Fortinet 4.0.14.0 2010.03.09 -
[B]GData 19 2010.03.10 Gen:Trojan.FirewallBypass.jmGfaSJSyXpc[/B]
Ikarus T3.1.1.80.0 2010.03.10 -
Jiangmin 13.0.900 2010.03.10 -
K7AntiVirus 7.10.993 2010.03.09 -
Kaspersky 7.0.0.125 2010.03.10 -
McAfee 5915 2010.03.09 -
McAfee+Artemis 5915 2010.03.09 -
[B]McAfee-GW-Edition 6.8.5 2010.03.10 Trojan.ATRAPS.Gen2
Microsoft 1.5502 2010.03.10 Worm:Win32/SillyShareCopy.gen[/B]
NOD32 4930 2010.03.09 -
[B]Norman 6.04.08 2010.03.10 W32/Malware[/B]
nProtect 2009.1.8.0 2010.03.10 -
Panda 10.0.2.2 2010.03.09 -
PCTools 7.0.3.5 2010.03.10 -
Prevx 3.0 2010.03.10 -
[B]Rising 22.38.02.03 2010.03.10 Trojan.Win32.DownldrU.a
Sophos 4.51.0 2010.03.10 Mal/SillyFDC-A
Sunbelt 5811 2010.03.10 BehavesLike.Win32.Malware (v)
Symantec 20091.2.0.41 2010.03.10 Suspicious.Insight[/B]
TheHacker 6.5.2.0.228 2010.03.10 -
[B]TrendMicro 9.120.0.1004 2010.03.10 PAK_Generic.001[/B]
VBA32 3.12.12.2 2010.03.09 -
ViRobot 2010.3.10.2219 2010.03.10 -
VirusBuster 5.0.27.0 2010.03.09 -

Дополнительная информация
File size: 154112 bytes
MD5 : 6884fdc6dc471f4319799deac3fa31eb[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/7dee489c2fd1d7c37493143722d1901219a0794fa7630d073cbd891cec675ede-1268210822[/url]

Файл Book_2262.exe получен 2010.03.15 13:52:01 (UTC)
Результат: [B][COLOR="Red"]10[/COLOR]/42 (23.81%)[/B]


[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.50 2010.03.15 Trojan-Downloader.Win32.Adload!IK[/B]
AhnLab-V3 5.0.0.2 2010.03.15 -
[B]AntiVir 8.2.1.180 2010.03.15 ADSPY/AdSpy.Gen[/B]
Antiy-AVL 2.0.3.7 2010.03.15 -
Authentium 5.2.0.5 2010.03.15 -
Avast 4.8.1351.0 2010.03.15 -
Avast5 5.0.332.0 2010.03.15 -
AVG 9.0.0.787 2010.03.15 -
BitDefender 7.2 2010.03.15 -
CAT-QuickHeal 10.00 2010.03.15 -
ClamAV 0.96.0.0-git 2010.03.15 -
[B]Comodo 4273 2010.03.15 ApplicUnsaf.Win32.Adware.Fearads.~J
DrWeb 5.0.1.12222 2010.03.15 Adware.FieryAds.36[/B]
eSafe 7.0.17.0 2010.03.14 -
eTrust-Vet 35.2.7363 2010.03.15 -
F-Prot 4.5.1.85 2010.03.15 -
F-Secure 9.0.15370.0 2010.03.15 -
Fortinet 4.0.14.0 2010.03.15 -
GData 19 2010.03.15 -
[B]Ikarus T3.1.1.80.0 2010.03.15 Trojan-Downloader.Win32.Adload[/B]
Jiangmin 13.0.900 2010.03.15 -
K7AntiVirus 7.10.997 2010.03.13 -
Kaspersky 7.0.0.125 2010.03.15 -
McAfee 5920 2010.03.14 -
McAfee+Artemis 5920 2010.03.14 -
[B]McAfee-GW-Edition 6.8.5 2010.03.15 Ad-Spyware.AdSpy.Gen[/B]
Microsoft 1.5502 2010.03.12 -
[B]NOD32 4946 2010.03.15 a variant of Win32/Adware.FearAds.AA[/B]
Norman 6.04.08 2010.03.14 -
nProtect 2009.1.8.0 2010.03.15 -
Panda 10.0.2.2 2010.03.14 -
PCTools 7.0.3.5 2010.03.15 -
Prevx 3.0 2010.03.15 -
[B]Rising 22.39.00.04 2010.03.15 Trojan.DL.Win32.Undef.ryn[/B]
Sophos 4.51.0 2010.03.15 -
Sunbelt 5894 2010.03.15 -
[B]Symantec 20091.2.0.41 2010.03.15 Suspicious.Insight[/B]
TheHacker 6.5.2.0.233 2010.03.15 -
TrendMicro 9.120.0.1004 2010.03.15 -
[B]VBA32 3.12.12.2 2010.03.14 AdWare.Win32.FearAds.bme[/B]
ViRobot 2010.3.15.2228 2010.03.15 -
VirusBuster 5.0.27.0 2010.03.14 - [/QUOTE]

[size="1"][color="#666686"][B][I]Добавлено через 1 минуту[/I][/B][/color][/size]

[url]http://www.virustotal.com/ru/analisis/5520cb0f6abc6c6e0b76d2ab619734ee193575486cc809bfe44e61263b3a1f13-1268661121[/url]

Файл jjj.jar получен 2010.03.16 05:58:46 (UTC)
Результат: [B]13/42 (30.96%)[/B]

[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.50 2010.03.16 Trojan-Downloader.Java.Agent.ak!A2[/B]
AhnLab-V3 5.0.0.2 2010.03.16 -
AntiVir 8.2.1.180 2010.03.15 -
Antiy-AVL 2.0.3.7 2010.03.15 -
Authentium 5.2.0.5 2010.03.16 -
Avast 4.8.1351.0 2010.03.15 -
Avast5 5.0.332.0 2010.03.15 -
AVG 9.0.0.787 2010.03.15 -
BitDefender 7.2 2010.03.16 -
CAT-QuickHeal 10.00 2010.03.15 -
ClamAV 0.96.0.0-git 2010.03.16 -
Comodo 4280 2010.03.16 -
[B]DrWeb 5.0.1.12222 2010.03.16 Exploit.CVE2008.5353[/B]
eSafe 7.0.17.0 2010.03.15 -
[B]eTrust-Vet 35.2.7365 2010.03.16 Java/ByteVerify!exploit[/B]
F-Prot 4.5.1.85 2010.03.15 -
F-Secure 9.0.15370.0 2010.03.16 -
Fortinet 4.0.14.0 2010.03.15 -
GData 19 2010.03.16 -
[B]Ikarus T3.1.1.80.0 2010.03.16 Exploit.Java.CVE-2008-5353[/B]
Jiangmin 13.0.900 2010.03.16 -
K7AntiVirus 7.10.998 2010.03.15 -
[B]Kaspersky 7.0.0.125 2010.03.16 Trojan-Downloader.Java.Agent.ak
McAfee 5921 2010.03.15 Exploit-CVE2008-5353
McAfee+Artemis 5921 2010.03.15 Exploit-CVE2008-5353[/B]
McAfee-GW-Edition 6.8.5 2010.03.15 -
[B]Microsoft 1.5605 2010.03.16 Exploit:Java/CVE-2008-5353.C
NOD32 4947 2010.03.15 Java/Exploit.CVE-2008-5353.C
Norman 6.04.08 2010.03.15 Java/Exploit.gen.A[/B]
nProtect 2009.1.8.0 2010.03.15 -
Panda 10.0.2.2 2010.03.15 -
[B]PCTools 7.0.3.5 2010.03.15 Trojan.Generic[/B]
Prevx 3.0 2010.03.16 -
Rising 22.39.01.03 2010.03.16 -
Sophos 4.51.0 2010.03.16 -
Sunbelt 5909 2010.03.16 -
[B]Symantec 20091.2.0.41 2010.03.16 Trojan Horse[/B]
TheHacker 6.5.2.0.234 2010.03.16 -
TrendMicro 9.120.0.1004 2010.03.16 -
[B]VBA32 3.12.12.2 2010.03.14 Exploit.Java.CVE-2008-5353[/B]
ViRobot 2010.3.16.2229 2010.03.16 -
VirusBuster 5.0.27.0 2010.03.15 -[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/c211446675adff03c2e9cb07e03684dd71ce4f1cb6b5a92cf749cbf6390b7ae4-1268719126[/url]

[size="1"][color="#666686"][B][I]Добавлено через 2 часа 5 минут[/I][/B][/color][/size]

подозрительный файл и есть основания полагать что это вирус..

Файл [B]HUFv.exe[/B] получен 2010.03.16 07:38:31 (UTC)
Результат: [B][COLOR="Red"]4[/COLOR]/42 (9.53%)[/B]
[QUOTE]
Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.03.16 -
AhnLab-V3 5.0.0.2 2010.03.16 -
AntiVir 8.2.1.180 2010.03.15 -
Antiy-AVL 2.0.3.7 2010.03.15 -
Authentium 5.2.0.5 2010.03.16 -
Avast 4.8.1351.0 2010.03.15 -
Avast5 5.0.332.0 2010.03.15 -
AVG 9.0.0.787 2010.03.15 -
BitDefender 7.2 2010.03.16 -
CAT-QuickHeal 10.00 2010.03.15 -
ClamAV 0.96.0.0-git 2010.03.16 -
[B]Comodo 4281 2010.03.16 Heur.Packed.Unknown[/B]
DrWeb 5.0.1.12222 2010.03.16 -
eSafe 7.0.17.0 2010.03.15 -
eTrust-Vet 35.2.7365 2010.03.16 -
F-Prot 4.5.1.85 2010.03.15 -
F-Secure 9.0.15370.0 2010.03.16 -
Fortinet 4.0.14.0 2010.03.15 -
GData 19 2010.03.16 -
Ikarus T3.1.1.80.0 2010.03.16 -
Jiangmin 13.0.900 2010.03.16 -
K7AntiVirus 7.10.998 2010.03.15 -
Kaspersky 7.0.0.125 2010.03.16 -
McAfee 5921 2010.03.15 -
McAfee+Artemis 5921 2010.03.15 -
McAfee-GW-Edition 6.8.5 2010.03.15 -
Microsoft 1.5605 2010.03.16 -
NOD32 4947 2010.03.15 -
Norman 6.04.08 2010.03.15 -
nProtect 2009.1.8.0 2010.03.16 -
Panda 10.0.2.2 2010.03.15 -
PCTools 7.0.3.5 2010.03.15 -
Prevx 3.0 2010.03.16 -
Rising 22.39.01.04 2010.03.16 -
[B]Sophos 4.51.0 2010.03.16 Mal/Qbot-B[/B]
Sunbelt 5909 2010.03.16 -
[B]Symantec 20091.2.0.41 2010.03.16 Suspicious.Insight[/B]
TheHacker 6.5.2.0.234 2010.03.16 -
[B]TrendMicro 9.120.0.1004 2010.03.16 TROJ_QAKBOT.SMG[/B]
VBA32 3.12.12.2 2010.03.14 -
ViRobot 2010.3.16.2229 2010.03.16 -
VirusBuster 5.0.27.0 2010.03.15 -

Дополнительная информация
File size: 61952 bytes
MD5...: 5ecd9596eec22525c124dda8e392df77[/QUOTE]
[url]http://www.virustotal.com/ru/analisis/f37aab85f388cdb52960d0790d17797aa63100cc9dfb322049fc78074a651596-1268725111[/url]


[size="1"][color="#666686"][B][I]Добавлено позже[/I][/B][/color][/size]
не ошиблась, уже есть ответ от ЛК
Проверенный файл: [B]HUFv.exe[/B] - [COLOR="Red"]Инфицирован[/COLOR]
[B]HUFv.exe[/B] - инфицирован [COLOR="Red"]Trojan.Win32.Sasfis.ajhj[/COLOR]

Якобы я спам рассылаю, "проверили" мои диски за 5 сек))) и нашли кучу бяки, попросили скачать вот это "лекрство"
Мой KIS опять молчит как рыба об лёд((( Придётся им отослать этого зверя.
File Setup_456.exe received on 2010.03.20 15:42:41 (UTC)
Result: 18/42 (42.86%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.50 2010.03.20 Gen.Trojan!IK[/B]
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.19 -
Avast 4.8.1351.0 2010.03.20 -
Avast5 5.0.332.0 2010.03.20 -
[B]AVG 9.0.0.787 2010.03.20 Generic17.ICN
BitDefender 7.2 2010.03.20 Gen:Trojan.Heur.TP.nOW@bWoILmm[/B]
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4330 2010.03.20 -
[B]DrWeb 5.0.1.12222 2010.03.20 Trojan.Fakealert.13805[/B]
eSafe 7.0.17.0 2010.03.18 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.19 -
[B]F-Secure 9.0.15370.0 2010.03.20 Gen:Trojan.Heur.TP.nOW@bWoILmm
Fortinet 4.0.14.0 2010.03.20 W32/Agent.578D!tr.dldr
GData 19 2010.03.20 Gen:Trojan.Heur.TP.nOW@bWoILmm
Ikarus T3.1.1.80.0 2010.03.20 Gen.Trojan[/B]
Jiangmin 13.0.900 2010.03.20 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.20 -
[B]McAfee 5926 2010.03.20 Downloader-CEW[/B]
[B]McAfee+Artemis 5926 2010.03.20 Downloader-CEW[/B]
[B]McAfee-GW-Edition 6.8.5 2010.03.20 [B]Heuristic.LooksLike.Win32.SuspiciousPE.H!90[/B][/B]
Microsoft 1.5605 2010.03.20 -
[B]NOD32 4960 2010.03.20 a variant of Win32/Kryptik.DDO[/B]
Norman 6.04.09 2010.03.20 -
nProtect 2009.1.8.0 2010.03.20 -
[B]Panda 10.0.2.2 2010.03.20 Suspicious file[/B]
PCTools 7.0.3.5 2010.03.20 -
[B]Prevx 3.0 2010.03.20 High Risk Cloaked Malware[/B]
Rising 22.39.05.02 2010.03.20 -
[B]Sophos 4.51.0 2010.03.20 Mal/FakeAV-CO[/B]
Sunbelt 5989 2010.03.20 -
[B]Symantec 20091.2.0.41 2010.03.20 Downloader.MisleadApp
TheHacker 6.5.2.0.241 2010.03.20 Trojan/Kryptik.ddo
TrendMicro 9.120.0.1004 2010.03.20 TROJ_FAKESPY.AB[/B]
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -[/QUOTE]
Additional information
File size: 220672 bytes
MD5...: 910cc0b36286f6550354e85de4872b20
SHA1..: e77c0d80cc4fd32e101931499d27a5ee86e8f371
SHA256: 1759e8ffa6b328fb43e31a7b5b57449f30836fe30ce5caf48b88556e7b64fc96
ssdeep: 6144:K6j4W3ynIdPnvEVpSc7fWPPhoBYINRlGGkZ/O:AQPvo46qGN/8Z
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3e47
timedatestamp.....: 0x49d2f176 (Wed Apr 01 04:45:42 2009)
machinetype.......: 0x14c (I386)

Файл activation.exe получен 2010.03.20 16:42:48 (UTC)

Результат: 14/42 (33.34%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.03.20 -
AhnLab-V3 5.0.0.2 2010.03.20 -
[B]AntiVir 8.2.1.196 2010.03.19 TR/Spy.26624.22[/B]
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.19 -
Avast 4.8.1351.0 2010.03.20 -
Avast5 5.0.332.0 2010.03.20 -
[B]AVG 9.0.0.787 2010.03.20 Win32/Heur[/B]
[B]BitDefender 7.2 2010.03.20 Gen:Trojan.Heur.GZ.bSWbbWT!L1h[/B]
CAT-QuickHeal 10.00 2010.03.19 -
[B]ClamAV 0.96.0.0-git 2010.03.20 PUA.Packed.ASPack
Comodo 4330 2010.03.20 TrojWare.Win32.Trojan.Agent.Gen[/B]
DrWeb 5.0.1.12222 2010.03.20 -
eSafe 7.0.17.0 2010.03.18 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.19 -
[B]F-Secure 9.0.15370.0 2010.03.20 Gen:Trojan.Heur.GZ.bSWbbWT!L1h[/B]
Fortinet 4.0.14.0 2010.03.20 -
[B]GData 19 2010.03.20 Gen:Trojan.Heur.GZ.bSWbbWT!L1h[/B]
Ikarus T3.1.1.80.0 2010.03.20 -
Jiangmin 13.0.900 2010.03.20 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.20 -
McAfee 5926 2010.03.20 -
[B]McAfee+Artemis 5926 2010.03.20 Artemis!95E01A2631D5[/B]
[B]McAfee-GW-Edition 6.8.5 2010.03.20 Heuristic.LooksLike.Win32.Suspicious.B[/B]
Microsoft 1.5605 2010.03.20 -
NOD32 4960 2010.03.20 -
Norman 6.04.09 2010.03.20 -
nProtect 2009.1.8.0 2010.03.20 -
Panda 10.0.2.2 2010.03.20 -
[B]PCTools 7.0.3.5 2010.03.20 Trojan.PWS
Prevx 3.0 2010.03.20 Medium Risk Malware
Rising 22.39.05.02 2010.03.20 Dropper.Win32.Undef.GEN
Sophos 4.51.0 2010.03.20 Mal/EncPk-GC[/B]
Sunbelt 5990 2010.03.20 -
[B]Symantec 20091.2.0.41 2010.03.20 Trojan.PWS.QQPass[/B]
TheHacker 6.5.2.0.241 2010.03.20 -
TrendMicro 9.120.0.1004 2010.03.20 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -

Дополнительная информация
File size: 26624 bytes
MD5...: 95e01a2631d51f50527708bee9d42f75
SHA1..: 1631c8558be2879939f92acce5d432ee5be05f44
SHA256: cf332684d679e848dd97ec4d852c748a76fe0fa97739dbccd492c610e0b20711
ssdeep: 768:2k+zy7R41kfxf0r/k4zJcLz0QJGjJxcLoI:Gzyjf8/diz0QJB<br>

Фэйкалерт заблокировал машину.
Файл 54527427.exe получен 2010.03.21 06:52:39 (UTC)
Текущий статус: закончено
Результат: 7/42 (16.67%)
Форматированные
[QUOTE]Печать результатов Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.03.21 -
AhnLab-V3 5.0.0.2 2010.03.20 -
AntiVir 8.2.1.196 2010.03.19 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.21 -
Avast 4.8.1351.0 2010.03.20 -
Avast5 5.0.332.0 2010.03.20 -
AVG 9.0.0.787 2010.03.20 -
BitDefender 7.2 2010.03.21 -
CAT-QuickHeal 10.00 2010.03.19 -
ClamAV 0.96.0.0-git 2010.03.20 -
Comodo 4337 2010.03.21 -
DrWeb 5.0.1.12222 2010.03.21 -
eSafe 7.0.17.0 2010.03.18 -
eTrust-Vet 35.2.7376 2010.03.19 -
F-Prot 4.5.1.85 2010.03.21 -
[B]F-Secure 9.0.15370.0 2010.03.21 Suspicious:W32/Malware![/B]Gemini
Fortinet 4.0.14.0 2010.03.20 -
GData 19 2010.03.21 -
Ikarus T3.1.1.80.0 2010.03.21 -
Jiangmin 13.0.900 2010.03.21 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.21 -
[B]McAfee 5926 2010.03.20 FakeAlert-KW.e[/B]
[B]McAfee+Artemis 5926 2010.03.20 FakeAlert-KW.e[/B]
[B]McAfee-GW-Edition 6.8.5 2010.03.20 heuristic.LooksLike.Win32.Suspicious.K!92[/B]
Microsoft 1.5605 2010.03.21 -
[B]NOD32 4961 2010.03.20 a variant of Win32/Kryptik.DEN[/B]
Norman 6.04.09 2010.03.20 -
nProtect 2009.1.8.0 2010.03.20 -
Panda 10.0.2.2 2010.03.20 -
PCTools 7.0.3.5 2010.03.21 -
Prevx 3.0 2010.03.21 -
Rising 22.39.06.01 2010.03.21 -
Sophos 4.51.0 2010.03.21 -
Sunbelt 6002 2010.03.21 -
[B]Symantec 20091.2.0.41 2010.03.21 Suspicious.Insight[/B]
[B]TheHacker 6.5.2.0.241 2010.03.21 Trojan/FakeAV.gen[/B]
TrendMicro 9.120.0.1004 2010.03.21 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.19.2236 2010.03.20 -
VirusBuster 5.0.27.0 2010.03.20 -[/QUOTE]
Дополнительная информация
File size: 1040384 bytes
MD5...: 0c5271f5172892de1ba2853d117f4b1e
SHA1..: c3a944a5dac592c598538ba07276f6f020829dc7
SHA256: e54b1042d66f1c45c8612b8dafb01e30f3736842d00c51936620452744444a8b
ssdeep: 24576:jIHXDIY8lUqtEo1PuWQKX1/DH59azCbpB5zq0dki99s+:E3kYjd8XJbpBh

Файл 111 получен 2010.03.24 08:55:35 (UTC)
Результат: 10/42 (23.81%)


[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.50 2010.03.24 Virus.Win32.Injector!IK[/B]
AhnLab-V3 5.0.0.2 2010.03.24 -
AntiVir 8.2.1.196 2010.03.23 -
Antiy-AVL 2.0.3.7 2010.03.24 -
Authentium 5.2.0.5 2010.03.24 -
Avast 4.8.1351.0 2010.03.23 -
Avast5 5.0.332.0 2010.03.23 -
AVG 9.0.0.787 2010.03.23 -
[B]BitDefender 7.2 2010.03.24 Gen:Trojan.Heur.hGZ@tDHN1bjaY[/B]
CAT-QuickHeal 10.00 2010.03.24 -
ClamAV 0.96.0.0-git 2010.03.24 -
[B]Comodo 4366 2010.03.24 Backdoor.Win32.Delf.~DD[/B]
DrWeb 5.0.1.12222 2010.03.24 -
eSafe 7.0.17.0 2010.03.23 -
eTrust-Vet 35.2.7385 2010.03.23 -
F-Prot 4.5.1.85 2010.03.23 -
[B]F-Secure 9.0.15370.0 2010.03.24 Gen:Trojan.Heur.hGZ@tDHN1bjaY[/B]
Fortinet 4.0.14.0 2010.03.24 -
[B]GData 19 2010.03.24 Gen:Trojan.Heur.hGZ@tDHN1bjaY
Ikarus T3.1.1.80.0 2010.03.24 Virus.Win32.Injector[/B]
Jiangmin 13.0.900 2010.03.24 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.24 -
McAfee 5929 2010.03.23 -
McAfee+Artemis 5929 2010.03.23 -
McAfee-GW-Edition 6.8.5 2010.03.24 -
Microsoft 1.5605 2010.03.24 -
[B]NOD32 4969 2010.03.23 a variant of Win32/Injector.BDL[/B]
Norman 6.04.10 2010.03.23 -
nProtect 2009.1.8.0 2010.03.24 -
[B]Panda 10.0.2.2 2010.03.23 Suspicious file[/B]
PCTools 7.0.3.5 2010.03.24 -
Prevx 3.0 2010.03.24 -
Rising 22.40.02.03 2010.03.24 -
Sophos 4.51.0 2010.03.24 -
Sunbelt 6031 2010.03.22 -
[B]Symantec 20091.2.0.41 2010.03.24 Suspicious.Insight[/B]
TheHacker 6.5.2.0.242 2010.03.24 -
TrendMicro 9.120.0.1004 2010.03.24 -
[B]VBA32 3.12.12.2 2010.03.23 suspected of Trojan-Dropper.Agent.109[/B]
ViRobot 2010.3.24.2241 2010.03.24 -
VirusBuster 5.0.27.0 2010.03.23 -[/QUOTE]

File uKvbEPtAuuFLQaG.dll received on 2010.03.26 15:13:05 (UTC)
Result: 13/42 (30.96%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.50 2010.03.26 Trojan-Ransom.Win32.Hexzone!IK[/B]
AhnLab-V3 5.0.0.2 2010.03.26 -
[B]AntiVir 7.10.5.230 2010.03.26 TR/Ransom.20480[/B]
Antiy-AVL 2.0.3.7 2010.03.26 -
Authentium 5.2.0.5 2010.03.26 -
Avast 4.8.1351.0 2010.03.25 -
Avast5 5.0.332.0 2010.03.25 -
[B]AVG 9.0.0.787 2010.03.26 Ransom.B[/B]
BitDefender 7.2 2010.03.26 -
CAT-QuickHeal 10.00 2010.03.26 -
ClamAV 0.96.0.0-git 2010.03.26 -
Comodo 4392 2010.03.26 -
[B]DrWeb 5.0.1.12222 2010.03.26 Trojan.BrowseBan.252[/B]
eSafe 7.0.17.0 2010.03.25 -
eTrust-Vet 35.2.7390 2010.03.26 -
F-Prot 4.5.1.85 2010.03.26 -
F-Secure 9.0.15370.0 2010.03.26 -
Fortinet 4.0.14.0 2010.03.26 -
GData 19 2010.03.26 -
[B]Ikarus T3.1.1.80.0 2010.03.26 Trojan-Ransom.Win32.Hexzone
Jiangmin 13.0.900 2010.03.26 Trojan/Hexzone.akd[/B]
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.26 -
McAfee 5931 2010.03.25 -
[B]McAfee+Artemis 5931 2010.03.25 Artemis!7C655F4CEF28
McAfee-GW-Edition 6.8.5 2010.03.26 Trojan.Ransom.20480[/B]
Microsoft 1.5605 2010.03.26 -
[B]NOD32 4977 2010.03.26 Win32/Ransom.AC
Norman 6.04.10 2010.03.26 W32/BrowseBan.A[/B]
nProtect 2009.1.8.0 2010.03.26 -
[B]Panda 10.0.2.2 2010.03.26 Suspicious file[/B]
PCTools 7.0.3.5 2010.03.26 -
Prevx 3.0 2010.03.26 -
Rising 22.40.04.04 2010.03.26 -
[B]Sophos 4.52.0 2010.03.26 Troj/HexZon-Gen[/B]
Sunbelt 6098 2010.03.26 -
[B]Symantec 20091.2.0.41 2010.03.26 Suspicious.Insight[/B]
TheHacker 6.5.2.0.245 2010.03.26 -
TrendMicro 9.120.0.1004 2010.03.26 -
VBA32 3.12.12.2 2010.03.25 -
ViRobot 2010.3.26.2246 2010.03.26 -
VirusBuster 5.0.27.0 2010.03.26 -[/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 7c655f4cef28390e156b6d9d89d74be4
SHA1..: 2af1eb6ec10b0b9b5a2ae52c5aa88dbca65377a7
SHA256: 6d3b703510bea7b56a0ac5bec94f7f3b4918ce8123b3512989e3ace5a3ce7d87
ssdeep: 384:c5m3QCvlOJKxVw/VES840AxYi1PgBBrx6yJXty6J:c51MlOnx81wSpJXtLJ
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4f87
timedatestamp.....: 0x4baa4cfb (Wed Mar 24 17:33:47 2010)
machinetype.......: 0x14c (I386)

File termsrv.dll received on 2010.03.26 15:12:50 (UTC)
Result: 2/42 (4.77%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.03.26 -
AhnLab-V3 5.0.0.2 2010.03.26 -
AntiVir 7.10.5.230 2010.03.26 -
Antiy-AVL 2.0.3.7 2010.03.26 -
Authentium 5.2.0.5 2010.03.26 -
Avast 4.8.1351.0 2010.03.25 -
Avast5 5.0.332.0 2010.03.25 -
AVG 9.0.0.787 2010.03.26 -
BitDefender 7.2 2010.03.26 -
CAT-QuickHeal 10.00 2010.03.26 -
ClamAV 0.96.0.0-git 2010.03.26 -
Comodo 4392 2010.03.26 -
DrWeb 5.0.1.12222 2010.03.26 -
eSafe 7.0.17.0 2010.03.25 -
eTrust-Vet 35.2.7390 2010.03.26 -
F-Prot 4.5.1.85 2010.03.26 -
F-Secure 9.0.15370.0 2010.03.26 -
Fortinet 4.0.14.0 2010.03.26 -
GData 19 2010.03.26 -
Ikarus T3.1.1.80.0 2010.03.26 -
[B]Jiangmin 13.0.900 2010.03.26 Backdoor/Huigezi.akaa
K7AntiVirus 7.10.1004 2010.03.22 Trojan.Win32.Agent2.cnig[/B]
Kaspersky 7.0.0.125 2010.03.26 -
McAfee 5931 2010.03.25 -
McAfee+Artemis 5931 2010.03.25 -
McAfee-GW-Edition 6.8.5 2010.03.26 -
Microsoft 1.5605 2010.03.26 -
NOD32 4977 2010.03.26 -
Norman 6.04.10 2010.03.26 -
nProtect 2009.1.8.0 2010.03.26 -
Panda 10.0.2.2 2010.03.26 -
PCTools 7.0.3.5 2010.03.26 -
Prevx 3.0 2010.03.26 -
Rising 22.40.04.04 2010.03.26 -
Sophos 4.52.0 2010.03.26 -
Sunbelt 6098 2010.03.26 -
Symantec 20091.2.0.41 2010.03.26 -
TheHacker 6.5.2.0.245 2010.03.26 -
TrendMicro 9.120.0.1004 2010.03.26 -
VBA32 3.12.12.2 2010.03.25 -
ViRobot 2010.3.26.2246 2010.03.26 -
VirusBuster 5.0.27.0 2010.03.26 -[/QUOTE]
Additional information
File size: 215552 bytes
MD5...: a77219a971029dc2fb683e8513713803
SHA1..: 1c456520a7b7faf71900c71167038185f5a7d312
SHA256: 1eba9a909641e64e935090956b03182335d298cad78052cef3b3f75691eb3f50
ssdeep: 3072:PtNuBp/YIDqobOlqVLBBjAg79G1T65ZF8p5LGvPEDRRQLUMPZU2GdH8CN9u
iecd:PtNuBSID4AVdVAWF8p5L2ECPZzCN1
PEiD..: -
PEInfo: PE Structure information

Файл ff.exe получен 2010.03.26 16:13:06 (UTC)
Результат: 5/42 (11.91%)

[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.03.26 -
AhnLab-V3 5.0.0.2 2010.03.26 -
AntiVir 7.10.5.230 2010.03.26 -
Antiy-AVL 2.0.3.7 2010.03.26 -
Authentium 5.2.0.5 2010.03.26 -
Avast 4.8.1351.0 2010.03.25 -
Avast5 5.0.332.0 2010.03.25 -
[B]AVG 9.0.0.787 2010.03.26 unknown virus Win32/DH.CAFF82025D[/B]
BitDefender 7.2 2010.03.26 -
CAT-QuickHeal 10.00 2010.03.26 -
ClamAV 0.96.0.0-git 2010.03.26 -
Comodo 4392 2010.03.26 -
DrWeb 5.0.1.12222 2010.03.26 -
eSafe 7.0.17.0 2010.03.25 -
eTrust-Vet 35.2.7390 2010.03.26 -
F-Prot 4.5.1.85 2010.03.26 -
F-Secure 9.0.15370.0 2010.03.26 -
Fortinet 4.0.14.0 2010.03.26 -
GData 19 2010.03.26 -
Ikarus T3.1.1.80.0 2010.03.26 -
Jiangmin 13.0.900 2010.03.26 -
K7AntiVirus 7.10.1004 2010.03.22 -
[B]Kaspersky 7.0.0.125 2010.03.26 Packed.Win32.Krap.x[/B]
McAfee 5931 2010.03.25 -
McAfee+Artemis 5931 2010.03.25 -
McAfee-GW-Edition 6.8.5 2010.03.26 -
Microsoft 1.5605 2010.03.26 -
NOD32 4977 2010.03.26 -
Norman 6.04.10 2010.03.26 -
nProtect 2009.1.8.0 2010.03.26 -
[B]Panda 10.0.2.2 2010.03.26 Suspicious file[/B]
PCTools 7.0.3.5 2010.03.26 -
Prevx 3.0 2010.03.26 -
Rising 22.40.04.04 2010.03.26 -
Sophos 4.52.0 2010.03.26 -
[B]Sunbelt 6099 2010.03.26 Trojan.Win32.Generic.pak!cobra
Symantec 20091.2.0.41 2010.03.26 Suspicious.Insight[/B]
TheHacker 6.5.2.0.245 2010.03.26 -
TrendMicro 9.120.0.1004 2010.03.26 -
VBA32 3.12.12.2 2010.03.25 -
ViRobot 2010.3.26.2246 2010.03.26 -
VirusBuster 5.0.27.0 2010.03.26 -[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/051bdb9e28ab6d3d04f9fb92e448307037011aae67090e33120d48c6681e3e49-1269619986[/url]

Файл avz00001.dta получен 2010.04.01 11:07:30 (UTC)
Результат: [B]16/42[/B] (38.1%)
[CODE][B]a-squared 4.5.0.50 2010.04.01 Trojan.Win32.SuspectCRC!IK[/B]
AhnLab-V3 5.0.0.2 2010.03.31 -
AntiVir 7.10.6.13 2010.04.01 -
Antiy-AVL 2.0.3.7 2010.04.01 -
Authentium 5.2.0.5 2010.04.01 -
[B]Avast 4.8.1351.0 2010.03.31 Win32:Rootkit-gen
Avast5 5.0.332.0 2010.03.31 Win32:Rootkit-gen
AVG 9.0.0.787 2010.04.01 SHeur3.LWD[/B]
BitDefender 7.2 2010.04.01 -
[B]CAT-QuickHeal 10.00 2010.04.01 (Suspicious) - DNAScan[/B]
ClamAV 0.96.0.0-git 2010.04.01 -
[B]Comodo 4461 2010.04.01 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.04.01 Trojan.Packed.19855[/B]
eSafe 7.0.17.0 2010.03.31 -
eTrust-Vet 35.2.7401 2010.04.01 -
F-Prot 4.5.1.85 2010.04.01 -
F-Secure 9.0.15370.0 2010.04.01 -
[B]Fortinet 4.0.14.0 2010.04.01 PossibleThreat
GData 19 2010.04.01 Win32:Rootkit-gen
Ikarus T3.1.1.80.0 2010.04.01 Trojan.Win32.SuspectCRC[/B]
Jiangmin 13.0.900 2010.04.01 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.04.01 -
McAfee 5937 2010.03.31 -
McAfee+Artemis 5937 2010.03.31 -
McAfee-GW-Edition 6.8.5 2010.04.01 -
Microsoft 1.5605 2010.03.31 -
[B]NOD32 4991 2010.04.01 Win32/Spy.Shiz.NAI[/B]
Norman 6.04.10 2010.03.31 -
nProtect 2009.1.8.0 2010.04.01 -
[B]Panda 10.0.2.2 2010.04.01 Suspicious file[/B]
PCTools 7.0.3.5 2010.04.01 -
Prevx 3.0 2010.04.01 -
[B]Rising 22.41.03.04 2010.04.01 Trojan.Win32.Generic.51FCAE35[/B]
Sophos 4.52.0 2010.04.01 -
[B]Sunbelt 6124 2010.04.01 Trojan.Win32.Generic!SB.0
Symantec 20091.2.0.41 2010.04.01 Suspicious.Insight[/B]
TheHacker 6.5.2.0.248 2010.03.31 -
TrendMicro 9.120.0.1004 2010.04.01 -
[B]VBA32 3.12.12.4 2010.04.01 Win32.Spy.Shiz.NAI[/B]
ViRobot 2010.4.1.2256 2010.04.01 -
VirusBuster 5.0.27.0 2010.04.01 -
[/CODE]
[url]http://www.virustotal.com/ru/analisis/a502d7515521549647058855c44cbfad502bd00c799e873bcba376d8f60fa858-1270120050[/url]

File [B]patch.exe[/B] received on 2010.04.01 16:46:36 (UTC)
Result: [COLOR="Red"][B]10[/B][/COLOR]/42 (23.81%)
[QUOTE][U]Antivirus Version Last Update Result[/U]
a-squared 4.5.0.50 2010.04.01 -
AhnLab-V3 5.0.0.2 2010.04.01 -
[B]AntiVir 7.10.6.16 2010.04.01 TR/Rootkit.Gen[/B]
Antiy-AVL 2.0.3.7 2010.04.01 -
Authentium 5.2.0.5 2010.04.01 -
Avast 4.8.1351.0 2010.04.01 -
Avast5 5.0.332.0 2010.04.01 -
AVG 9.0.0.787 2010.04.01 -
[B]BitDefender 7.2 2010.04.01 Gen:Win32.Malware.bmW@aKexpncc[/B]
CAT-QuickHeal 10.00 2010.04.01 -
ClamAV 0.96.0.0-git 2010.04.01 -
Comodo 4461 2010.04.01 -
DrWeb 5.0.2.03300 2010.04.01 -
eSafe 7.0.17.0 2010.04.01 -
eTrust-Vet 35.2.7401 2010.04.01 -
F-Prot 4.5.1.85 2010.04.01 -
[B]F-Secure 9.0.15370.0 2010.04.01 Gen:Win32.Malware.bmW@aKexpncc[/B]
Fortinet 4.0.14.0 2010.04.01 -
[B]GData 19 2010.04.01 Gen:Win32.Malware.bmW@aKexpncc[/B]
Ikarus T3.1.1.80.0 2010.04.01 -
Jiangmin 13.0.900 2010.04.01 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.04.01 -
McAfee 5937 2010.03.31 -
McAfee+Artemis 5937 2010.03.31 -
[B]McAfee-GW-Edition 6.8.5 2010.04.01 Trojan.Rootkit.Gen[/B]
Microsoft 1.5605 2010.03.31 -
NOD32 4993 2010.04.01 -
Norman 6.04.10 2010.04.01 -
[B]nProtect 2009.1.8.0 2010.04.01 Gen:Win32.Malware.bmW@aKexpncc[/B]
Panda 10.0.2.2 2010.04.01 -
PCTools 7.0.3.5 2010.04.01 -
Prevx 3.0 2010.04.01 -
Rising 22.41.03.04 2010.04.01 -
[B]Sophos 4.52.0 2010.04.01 Troj/FakeAle-FJ
Sunbelt 6124 2010.04.01 BehavesLike.Win32.Malware (v)
Symantec 20091.2.0.41 2010.04.01 Suspicious.Insight[/B]
TheHacker 6.5.2.0.249 2010.04.01 -
[B]TrendMicro 9.120.0.1004 2010.04.01 PAK_Generic.001[/B]
VBA32 3.12.12.4 2010.04.01 -
ViRobot 2010.4.1.2256 2010.04.01 -
VirusBuster 5.0.27.0 2010.04.01 -[/QUOTE]
Additional information
File size: [B]16896[/B] bytes
MD5...: 174a637539cf5d031e007f69a8f04e61
SHA1..: f7bb6b1611a92362d2e76e19ef125e8cd5a0e486
SHA256: 95ee666f96c3929e9e430308f1d5d3210bab387efe12c1ff16de8c536fb26b8a
[url]http://www.virustotal.com/analisis/95ee666f96c3929e9e430308f1d5d3210bab387efe12c1ff16de8c536fb26b8a-1270140396[/url]

File [B]_install.exe[/B] received on 2010.04.01 16:48:00 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: [B][COLOR="Red"]32[/COLOR][/B]/42 (76.2%)
[QUOTE][U]Antivirus Version Last Update Result[/U]
[B]a-squared 4.5.0.50 2010.04.01 Trojan-Downloader.Win32.PassAlert.r!IK[/B]
AhnLab-V3 5.0.0.2 2010.04.01 -
[B]AntiVir 7.10.6.16 2010.04.01 HEUR/Crypted[/B]
[B]Antiy-AVL 2.0.3.7 2010.04.01 Trojan/Win32.heuristic
Authentium 5.2.0.5 2010.04.01 W32/Heuristic-210!Eldorado
Avast 4.8.1351.0 2010.04.01 Win32:Malware-gen
Avast5 5.0.332.0 2010.04.01 Win32:Malware-gen[/B]
[B]AVG 9.0.0.787 2010.04.01 Generic15.CEYF
BitDefender 7.2 2010.04.01 Trojan.Agent.ANPG
CAT-QuickHeal 10.00 2010.04.01 (Suspicious) - DNAScan[/B]
ClamAV 0.96.0.0-git 2010.04.01 -
[B]Comodo 4462 2010.04.01 Heur.Packed.Unknown
DrWeb 5.0.2.03300 2010.04.01 Trojan.Winlock.275
eSafe 7.0.17.0 2010.04.01 Win32.Stration[/B]
eTrust-Vet 35.2.7401 2010.04.01 -
[B]F-Prot 4.5.1.85 2010.04.01 W32/Heuristic-210!Eldorado
F-Secure 9.0.15370.0 2010.04.01 Trojan.Agent.ANPG[/B]
Fortinet 4.0.14.0 2010.04.01 -
[B]GData 19 2010.04.01 Trojan.Agent.ANPG
Ikarus T3.1.1.80.0 2010.04.01 Trojan-Downloader.Win32.PassAlert.r
Jiangmin 13.0.900 2010.04.01 Backdoor/RBot.njz[/B]
K7AntiVirus 7.10.1004 2010.03.22 -
[B]Kaspersky 7.0.0.125 2010.04.01 Heur.Trojan.Generic[/B]
McAfee 5937 2010.03.31 -
[B]McAfee+Artemis 5937 2010.03.31 Artemis!7C957776E1F1
McAfee-GW-Edition 6.8.5 2010.04.01 Heuristic.LooksLike.Win32.Suspicious.H[/B]
Microsoft 1.5605 2010.03.31 -
[B]NOD32 4993 2010.04.01 a variant of Win32/Small.NGO
Norman 6.04.10 2010.04.01 Suspicious_M.gen
nProtect 2009.1.8.0 2010.04.01 Trojan.Agent.ANPG
Panda 10.0.2.2 2010.04.01 Trj/CI.A
PCTools 7.0.3.5 2010.04.01 HeurEngine.ZeroDayThreat[/B]
Prevx 3.0 2010.04.01 -
Rising 22.41.03.04 2010.04.01 -
[B]Sophos 4.52.0 2010.04.01 Mal/EncPk-BA
Sunbelt 6124 2010.04.01 Trojan.Win32.Generic!BT
Symantec 20091.2.0.41 2010.04.01 Suspicious.MLApp
TheHacker 6.5.2.0.249 2010.04.01 W32/Behav-Heuristic-066
TrendMicro 9.120.0.1004 2010.04.01 Cryp_MEW-11
VBA32 3.12.12.4 2010.04.01 Trojan.Win32.Scar.akln[/B]
ViRobot 2010.4.1.2256 2010.04.01 -
[B]VirusBuster 5.0.27.0 2010.04.01 Packed/MEW[/B][/QUOTE]
Additional information
File size: [B]2290[/B] bytes
MD5...: 7c957776e1f1f18d80240f9c366fa7bb
SHA1..: f156ca0d2507fef7e080860ea38ecede574b6f52
SHA256: d3fd1d0b92787898d34836ec22bea675ddefb1ce5c6725576cfc5df6d31a0ad3
[url]http://www.virustotal.com/analisis/d3fd1d0b92787898d34836ec22bea675ddefb1ce5c6725576cfc5df6d31a0ad3-1270140480[/url]

Файл netrazis.exe получен 2010.04.01 16:40:38 (UTC)
Текущий статус: закончено
Результат: 9/42 (21.43%)
Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.04.01 -
AhnLab-V3 5.0.0.2 2010.04.01 -
AntiVir 7.10.6.16 2010.04.01 -
Antiy-AVL 2.0.3.7 2010.04.01 -
Authentium 5.2.0.5 2010.04.01 -
[B]Avast 4.8.1351.0 2010.04.01 Win32:MalOb-AI
Avast5 5.0.332.0 2010.04.01 Win32:MalOb-AI[/B]
AVG 9.0.0.787 2010.04.01 -
BitDefender 7.2 2010.04.01 -
CAT-QuickHeal 10.00 2010.04.01 -
ClamAV 0.96.0.0-git 2010.04.01 -
Comodo 4461 2010.04.01 -
DrWeb 5.0.2.03300 2010.04.01 -
eSafe 7.0.17.0 2010.04.01 -
eTrust-Vet 35.2.7401 2010.04.01 -
F-Prot 4.5.1.85 2010.04.01 -
F-Secure 9.0.15370.0 2010.04.01 -
Fortinet 4.0.14.0 2010.04.01 -
GData 19 2010.04.01 Win32:MalOb-AI
Ikarus T3.1.1.80.0 2010.04.01 -
Jiangmin 13.0.900 2010.04.01 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.04.01 -
[B]McAfee 5937 2010.03.31 W32/Palevo.gen.a
McAfee+Artemis 5937 2010.03.31 W32/Palevo.gen.a[/B]
McAfee-GW-Edition 6.8.5 2010.04.01 -
Microsoft 1.5605 2010.03.31 -
[B]NOD32 4993 2010.04.01 a variant of Win32/Peerfrag.GR[/B]
Norman 6.04.10 2010.04.01 -
nProtect 2009.1.8.0 2010.04.01 -
Panda 10.0.2.2 2010.04.01 -
PCTools 7.0.3.5 2010.04.01 -
[B]Prevx 3.0 2010.04.01 High Risk Cloaked Malware[/B]
Rising 22.41.03.04 2010.04.01 -
Sophos 4.52.0 2010.04.01 -
Sunbelt 6124 2010.04.01 -
[B]Symantec 20091.2.0.41 2010.04.01 Suspicious.Insight[/B]
TheHacker 6.5.2.0.249 2010.04.01 -
[B]TrendMicro 9.120.0.1004 2010.04.01 TROJ_BREDLAB.SMD[/B]
VBA32 3.12.12.4 2010.04.01 -
ViRobot 2010.4.1.2256 2010.04.01 -
VirusBuster 5.0.27.0 2010.04.01 -

Дополнительная информация
File size: 108032 bytes
MD5 : dded5ca3e5d2899aeed5c54371866f38
SHA1 : dacc50134ea7a8e223c7d13c4304c10e6f4fb166
SHA256: 5a8847eb917eb16a00dbcd853048d1615a922a4284c209ec53222859e88588ea

Народное тестирование. Что прислали - посчитали. Февраль - Март:
(ну и вчерашние тоже прихватил)

Во какая гадость ломится в Скайп уже второй день

Файл Mario_Kolaricjpg.zip получен 2010.04.05 14:07:41 (UTC)
Текущий статус: закончено
Результат: 6/39 (15.38%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.04.05 -
AhnLab-V3 5.0.0.2 2010.04.05 -
[B]AntiVir 7.10.6.24 2010.04.03 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2010.04.02 -
Authentium 5.2.0.5 2010.04.05 -
Avast 4.8.1351.0 2010.04.05 -
Avast5 5.0.332.0 2010.04.05 -
AVG 9.0.0.787 2010.04.05 -
BitDefender 7.2 2010.04.05 -
CAT-QuickHeal 10.00 2010.04.05 -
ClamAV 0.96.0.3-git 2010.04.05 -
Comodo 4506 2010.04.05 -
[B]DrWeb 5.0.2.03300 2010.04.05 Win32.HLLW.SpyNet[/B]
eSafe 7.0.17.0 2010.04.01 -
eTrust-Vet 35.2.7408 2010.04.05 -
F-Prot 4.5.1.85 2010.04.05 -
F-Secure 9.0.15370.0 2010.04.05 -
Fortinet 4.0.14.0 2010.04.04 -
GData 19 2010.04.05 -
Ikarus T3.1.1.80.0 2010.04.05 -
Jiangmin 13.0.900 2010.04.05 -
Kaspersky 7.0.0.125 2010.04.05 -
[B]McAfee-GW-Edition 6.8.5 2010.04.03 Trojan.Dropper.Gen[/B]
Microsoft 1.5605 2010.04.05 -
NOD32 5001 2010.04.05 -
Norman 6.04.10 2010.04.05 -
nProtect 2009.1.8.0 2010.04.05 -
[B]Panda 10.0.2.2 2010.04.05 Bck/Bifrost.gen[/B]
PCTools 7.0.3.5 2010.04.05 -
Prevx 3.0 2010.04.05 -
Rising 22.41.04.05 2010.04.02 -
Sophos 4.52.0 2010.04.05 -
[B]Sunbelt 6139 2010.04.05 Virtool.Win32.VBInject.gen (v)
Symantec 20091.2.0.41 2010.04.05 Suspicious.Insight[/B]
TheHacker 6.5.2.0.253 2010.04.05 -
TrendMicro 9.120.0.1004 2010.04.05 -
VBA32 3.12.12.4 2010.04.05 -
ViRobot 2010.4.5.2261 2010.04.05 -
VirusBuster 5.0.27.0 2010.04.04 -[/QUOTE]
Дополнительная информация
File size: 40395 bytes
MD5 : af7d11e9bdab6e39b3b8530b7711de06
SHA1 : 7b1000a284ae08a7c810ec2a58930698b09428cb
SHA256: 1c1b7e719c01c36552a945c54c28dfd7532eece7e1c4151217726dfa8fc256c3
TrID : File type identification
ZIP compressed archive (100.0%)

[url]http://www.virustotal.com/ru/analisis/1c1b7e719c01c36552a945c54c28dfd7532eece7e1c4151217726dfa8fc256c3-1270476461[/url]

Файл install_flash_player.exe получен 2010.04.06 05:18:42 (UTC)
Результат: 10/39 (25.65%)


[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.50 2010.04.06 Trojan-Dropper.Win32.Sirefef!IK[/B]
AhnLab-V3 5.0.0.2 2010.04.05 -
[B]AntiVir 7.10.6.25 2010.04.05 TR/Crypt.ZPACK.Gen[/B]
Antiy-AVL 2.0.3.7 2010.04.02 -
Authentium 5.2.0.5 2010.04.06 -
Avast 4.8.1351.0 2010.04.05 -
Avast5 5.0.332.0 2010.04.05 -
AVG 9.0.0.787 2010.04.05 -
BitDefender 7.2 2010.04.06 -
CAT-QuickHeal 10.00 2010.04.06 -
ClamAV 0.96.0.3-git 2010.04.06 -
[B]Comodo 4513 2010.04.06 TrojWare.Win32.Trojan.Agent.Gen[/B]
DrWeb 5.0.2.03300 2010.04.06 -
eSafe 7.0.17.0 2010.04.01 -
eTrust-Vet 35.2.7409 2010.04.05 -
F-Prot 4.5.1.85 2010.04.05 -
F-Secure 9.0.15370.0 2010.04.06 -
Fortinet 4.0.14.0 2010.04.04 -
GData 19 2010.04.06 -
[B]Ikarus T3.1.1.80.0 2010.04.06 Trojan-Dropper.Win32.Sirefef[/B]
Jiangmin 13.0.900 2010.04.06 -
Kaspersky 7.0.0.125 2010.04.06 -
[B]McAfee-GW-Edition 6.8.5 2010.04.05 Trojan.Crypt.ZPACK.Gen
Microsoft 1.5605 2010.04.06 TrojanDropper:Win32/Sirefef.B
NOD32 5002 2010.04.05 a variant of Win32/Kryptik.DMJ[/B]
Norman 6.04.10 2010.04.05 -
nProtect 2009.1.8.0 2010.04.05 -
[B]Panda 10.0.2.2 2010.04.05 Suspicious file[/B]
PCTools 7.0.3.5 2010.04.06 -
Prevx 3.0 2010.04.06 -
Rising 22.42.01.01 2010.04.06 -
Sophos 4.52.0 2010.04.06 -
Sunbelt 6142 2010.04.06 -
[B]Symantec 20091.2.0.41 2010.04.06 Suspicious.Insight[/B]
TheHacker 6.5.2.0.254 2010.04.05 -
TrendMicro 9.120.0.1004 2010.04.06 -
[B]VBA32 3.12.12.4 2010.04.05 Trojan.Win32.Waledac.45[/B]
ViRobot 2010.4.6.2262 2010.04.06 -
VirusBuster 5.0.27.0 2010.04.05 -[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/ead25148132d0660ad2786cd4f4c835c62e59fe519f93807c22b9d3a495f7ca1-1270531122[/url]

[QUOTE]Файл avz00007.dta получен 2010.04.08 18:10:49 (UTC)Антивирус Версия Обновление Результат
a-squared 4.5.0.50 2010.04.08 -
AhnLab-V3 5.0.0.2 2010.04.08 -
AntiVir 7.10.6.49 2010.04.08 -
Antiy-AVL 2.0.3.7 2010.04.08 -
Authentium 5.2.0.5 2010.04.08 -
Avast 4.8.1351.0 2010.04.08 -
Avast5 5.0.332.0 2010.04.08 -
AVG 9.0.0.787 2010.04.08 -
BitDefender 7.2 2010.04.08 -
CAT-QuickHeal 10.00 2010.04.08 -
ClamAV 0.96.0.3-git 2010.04.08 -
Comodo 4540 2010.04.08 -
DrWeb 5.0.2.03300 2010.04.08 -
eSafe 7.0.17.0 2010.04.08 -
eTrust-Vet 35.2.7414 2010.04.08 -
F-Prot 4.5.1.85 2010.04.07 -
F-Secure 9.0.15370.0 2010.04.08 -
Fortinet 4.0.14.0 2010.04.08 -
GData 19 2010.04.08 -
Ikarus T3.1.1.80.0 2010.04.08 -
Jiangmin 13.0.900 2010.04.08 -
Kaspersky 7.0.0.125 2010.04.08 -
McAfee-GW-Edition 6.8.5 2010.04.08 -
Microsoft 1.5605 2010.04.08 -
NOD32 5011 2010.04.08 -
Norman 6.04.11 2010.04.08 -
nProtect 2009.1.8.0 2010.04.06 -
Panda 10.0.2.2 2010.04.08 -
PCTools 7.0.3.5 2010.04.08 -
Prevx 3.0 2010.04.08 -
Rising 22.42.03.03 2010.04.08 -
Sophos 4.52.0 2010.04.08 -
Sunbelt 6151 2010.04.08 -
[B]Symantec 20091.2.0.41 2010.04.08 Suspicious.Insight[/B]
TheHacker 6.5.2.0.258 2010.04.08 -
TrendMicro 9.120.0.1004 2010.04.08 -
[B]VBA32 3.12.12.4 2010.04.05 suspected of Malware-Cryptor.Win32.MTA.gen[/B]
ViRobot 2010.4.8.2267 2010.04.08 -
VirusBuster 5.0.27.0 2010.04.08 -

Дополнительная информация
File size: 183296 bytes
MD5 : 6238e5fc8c4d2c5cef3368a6112ca3b9
SHA1 : 1b4e65878d64b36d93a4bd6c017412234115dbf5
SHA256: a98d45e6cb1e5601169eb9614ba58c96048ea396d6d64f63a0d9ad2002ec3c85[/QUOTE]
Два подозрения, [URL="http://virusinfo.info/showpost.php?p=618254&postcount=736"]но....[/URL]

File TDSS.new.exe received on 2010.04.09 10:14:58 (UTC)
Result: 7/39 (17.95%)
[QUOTE]a-squared 4.5.0.50 2010.04.09 -
AhnLab-V3 5.0.0.2 2010.04.09 -
AntiVir 7.10.6.52 2010.04.09 -
Antiy-AVL 2.0.3.7 2010.04.09 -
Authentium 5.2.0.5 2010.04.09 -
Avast 4.8.1351.0 2010.04.09 -
Avast5 5.0.332.0 2010.04.09 -
[B]AVG 9.0.0.787 2010.04.09 Win32/Heur[/B]
BitDefender 7.2 2010.04.09 -
CAT-QuickHeal 10.00 2010.04.09 -
ClamAV 0.96.0.3-git 2010.04.09 -
Comodo 4547 2010.04.09 -
DrWeb 5.0.2.03300 2010.04.09 -
eSafe 7.0.17.0 2010.04.08 -
eTrust-Vet 35.2.7417 2010.04.09 -
F-Prot 4.5.1.85 2010.04.08 -
[B]F-Secure 9.0.15370.0 2010.04.09 Suspicious:W32/Malware!Gemini[/B]
Fortinet 4.0.14.0 2010.04.08 -
GData 19 2010.04.09 -
Ikarus T3.1.1.80.0 2010.04.09 -
Jiangmin 13.0.900 2010.04.09 -
Kaspersky 7.0.0.125 2010.04.09 -
[B]McAfee-GW-Edition 6.8.5 2010.04.09 Heuristic.LooksLike.Trojan.TDss.B[/B]
Microsoft 1.5605 2010.04.09 -
[B]NOD32 5012 2010.04.09 a variant of Win32/Kryptik.DON[/B]
Norman 6.04.11 2010.04.09 -
nProtect 2009.1.8.0 2010.04.06 -
[B]Panda 10.0.2.2 2010.04.08 Suspicious file[/B]
PCTools 7.0.3.5 2010.04.09 -
Prevx 3.0 2010.04.09 -
Rising 22.42.04.03 2010.04.09 -
[B]Sophos 4.52.0 2010.04.09 Sus/UnkPack-C[/B]
Sunbelt 6155 2010.04.09 -
[B]Symantec 20091.2.0.41 2010.04.09 Packed.Generic.295[/B]
TheHacker 6.5.2.0.258 2010.04.09 -
TrendMicro 9.120.0.1004 2010.04.09 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.9.2269 2010.04.09 -
VirusBuster 5.0.27.0 2010.04.08 -[/QUOTE]
[url]http://www.virustotal.com/analisis/7a20947bdf2dd45f96664af8ca62449e788e87954c672430146de2d40874fa68-1270808098[/url]

P.S. И это очень печально.

[size="1"][color="#666686"][B][I]Добавлено через 24 минуты[/I][/B][/color][/size]

File 3.safe received on 2010.04.09 10:40:56 (UTC)
Result: 7/39 (17.95%)
[QUOTE][B]a-squared 4.5.0.50 2010.04.09 Trojan.Win32.Hiloti!IK[/B]
AhnLab-V3 5.0.0.2 2010.04.09 -
AntiVir 7.10.6.52 2010.04.09 -
Antiy-AVL 2.0.3.7 2010.04.09 -
Authentium 5.2.0.5 2010.04.09 -
Avast 4.8.1351.0 2010.04.09 -
Avast5 5.0.332.0 2010.04.09 -
AVG 9.0.0.787 2010.04.09 -
BitDefender 7.2 2010.04.09 -
CAT-QuickHeal 10.00 2010.04.09 -
ClamAV 0.96.0.3-git 2010.04.09 -
[B]Comodo 4547 2010.04.09 TrojWare.Win32.Downloader.Mufanom.I[/B]
DrWeb 5.0.2.03300 2010.04.09 -
eSafe 7.0.17.0 2010.04.08 -
[B]eTrust-Vet 35.2.7417 2010.04.09 Win32/Hiloti.B!generic[/B]
F-Prot 4.5.1.85 2010.04.08 -
F-Secure 9.0.15370.0 2010.04.09 -
Fortinet 4.0.14.0 2010.04.08 -
GData 19 2010.04.09 -
[B]Ikarus T3.1.1.80.0 2010.04.09 Trojan.Win32.Hiloti[/B]
Jiangmin 13.0.900 2010.04.09 -
Kaspersky 7.0.0.125 2010.04.09 -
McAfee-GW-Edition 6.8.5 2010.04.09 -
Microsoft 1.5605 2010.04.09 -
NOD32 5012 2010.04.09 -
Norman 6.04.11 2010.04.09 -
nProtect 2009.1.8.0 2010.04.06 -
[B]Panda 10.0.2.2 2010.04.08 Suspicious file[/B]
PCTools 7.0.3.5 2010.04.09 -
Prevx 3.0 2010.04.09 -
Rising 22.42.04.03 2010.04.09 -
[B]Sophos 4.52.0 2010.04.09 Mal/Hiloti-C[/B]
Sunbelt 6155 2010.04.09 -
Symantec 20091.2.0.41 2010.04.09 -
TheHacker 6.5.2.0.258 2010.04.09 -
TrendMicro 9.120.0.1004 2010.04.09 -
[B]VBA32 3.12.12.4 2010.04.09 Bscope.Malware-Cryptor.Tip[/B]
ViRobot 2010.4.9.2269 2010.04.09 -
VirusBuster 5.0.27.0 2010.04.08 -[/QUOTE]
[url]http://www.virustotal.com/analisis/af0dde544106fde288b4507c792efffa27b95c83e4d524a7c196f304729a4a51-1270809656[/url]

Интересно, что даёт анпак того же файла:

File dump.safe received on 2010.04.09 10:44:08 (UTC)
Result: 11/39 (28.21%)
[QUOTE][B]a-squared 4.5.0.50 2010.04.09 Trojan-Downloader.Win32.Mufanom!IK[/B]
AhnLab-V3 5.0.0.2 2010.04.09 -
AntiVir 7.10.6.52 2010.04.09 -
Antiy-AVL 2.0.3.7 2010.04.09 -
[B]Authentium 5.2.0.5 2010.04.09 W32/Mufanom.A.gen!Eldorado[/B]
Avast 4.8.1351.0 2010.04.09 -
Avast5 5.0.332.0 2010.04.09 -
[B]AVG 9.0.0.787 2010.04.09 Generic17.GST[/B]
BitDefender 7.2 2010.04.09 -
CAT-QuickHeal 10.00 2010.04.09 -
ClamAV 0.96.0.3-git 2010.04.09 -
Comodo 4547 2010.04.09 -
[B]DrWeb 5.0.2.03300 2010.04.09 Trojan.DownLoad1.43052[/B]
eSafe 7.0.17.0 2010.04.08 -
eTrust-Vet 35.2.7417 2010.04.09 -
[B]F-Prot 4.5.1.85 2010.04.08 W32/Mufanom.A.gen!Eldorado
F-Secure 9.0.15370.0 2010.04.09 Trojan-Downloader:W32/Mufanom.B[/B]
Fortinet 4.0.14.0 2010.04.08 -
GData 19 2010.04.09 -
[B]Ikarus T3.1.1.80.0 2010.04.09 Trojan-Downloader.Win32.Mufanom[/B]
Jiangmin 13.0.900 2010.04.09 -
[B]Kaspersky 7.0.0.125 2010.04.09 Trojan-Downloader.Win32.Mufanom.pgq[/B]
McAfee-GW-Edition 6.8.5 2010.04.09 -
[B]Microsoft 1.5605 2010.04.09 Trojan:Win32/Hiloti.gen!D
NOD32 5012 2010.04.09 probably a variant of Win32/Cimag.W[/B]
Norman 6.04.11 2010.04.09 -
nProtect 2009.1.8.0 2010.04.06 -
Panda 10.0.2.2 2010.04.08 -
PCTools 7.0.3.5 2010.04.09 -
Prevx 3.0 2010.04.09 -
[B]Rising 22.42.04.03 2010.04.09 Trojan.DL.Win32.Downloader.GEN[/B]
Sophos 4.52.0 2010.04.09 -
Sunbelt 6155 2010.04.09 -
Symantec 20091.2.0.41 2010.04.09 -
TheHacker 6.5.2.0.258 2010.04.09 -
TrendMicro 9.120.0.1004 2010.04.09 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.9.2269 2010.04.09 -
VirusBuster 5.0.27.0 2010.04.08 -[/QUOTE]

[size="1"][color="#666686"][B][I]Добавлено через 1 час 36 минут[/I][/B][/color][/size]

Как только не называют Black Energy 2.1+! А некоторые - вообще никак не называют :)
File rootkit.ex1 received on 2010.04.09 12:19:39 (UTC)
Result: 26/39 (66.67%)
[QUOTE][B]a-squared 4.5.0.50 2010.04.09 Trojan.SuspectCRC!IK[/B]
AhnLab-V3 5.0.0.2 2010.04.09 -
[B]AntiVir 7.10.6.53 2010.04.09 TR/Obfuscated.GQ.10[/B]
[B]Antiy-AVL 2.0.3.7 2010.04.09 Trojan/Win32.Agent.gen[/B]
Authentium 5.2.0.5 2010.04.09 -
[B]Avast 4.8.1351.0 2010.04.09 Win32:Zbot-LYA[/B]
[B]Avast5 5.0.332.0 2010.04.09 Win32:Zbot-LYA[/B]
[B]AVG 9.0.0.787 2010.04.09 Generic16.BYLT
BitDefender 7.2 2010.04.09 Trojan.Generic.3256916
CAT-QuickHeal 10.00 2010.04.09 Backdoor.Rustock.e[/B]
ClamAV 0.96.0.3-git 2010.04.09 -
[B]Comodo 4548 2010.04.09 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.04.09 Trojan.Winlock.1110[/B]
eSafe 7.0.17.0 2010.04.08 -
eTrust-Vet 35.2.7417 2010.04.09 -
F-Prot 4.5.1.85 2010.04.08 -
[B]F-Secure 9.0.15370.0 2010.04.09 Trojan.Generic.3256916
Fortinet 4.0.14.0 2010.04.08 W32/Bancos.E
GData 19 2010.04.09 Trojan.Generic.3256916
Ikarus T3.1.1.80.0 2010.04.09 Trojan.SuspectCRC[/B]
Jiangmin 13.0.900 2010.04.09 -
Kaspersky 7.0.0.125 2010.04.09 -
[B]McAfee-GW-Edition 6.8.5 2010.04.09 Heuristic.LooksLike.Win32.Suspicious.B!85
Microsoft 1.5605 2010.04.09 Backdoor:Win32/Rustock.E
NOD32 5012 2010.04.09 probably a variant of Win32/Kryptik.BRT
Norman 6.04.11 2010.04.09 W32/Obfuscated.V[/B]
nProtect 2009.1.8.0 2010.04.06 -
[B]Panda 10.0.2.2 2010.04.08 Trj/CI.A
PCTools 7.0.3.5 2010.04.09 Trojan-PSW.Generic[/B]
Prevx 3.0 2010.04.09 -
Rising 22.42.04.03 2010.04.09 -
[B]Sophos 4.52.0 2010.04.09 Mal/Bancos-E
Sunbelt 6155 2010.04.09 Trojan.Win32.Generic!BT
Symantec 20091.2.0.41 2010.04.09 Infostealer[/B]
TheHacker 6.5.2.0.258 2010.04.09 -
[B]TrendMicro 9.120.0.1004 2010.04.09 TROJ_Gen.BA33L9
VBA32 3.12.12.4 2010.04.09 Malware-Cryptor.Win32.Vals.22[/B]
ViRobot 2010.4.9.2269 2010.04.09 -
[B]VirusBuster 5.0.27.0 2010.04.09 Trojan.Obfuscated.DXYU[/B][/QUOTE]

[url]http://www.virustotal.com/analisis/5af3fd53aea5e008d8725c720ea0290e2e0cd485d8a953053ccf02e5e81a94a0-1270815579[/url]

File vk-__o______a.exe received on 2010.04.13 10:42:41 (UTC)
Result: 10/40 (25%)

[QUOTE]a-squared 4.5.0.50 2010.04.13 -
AhnLab-V3 5.0.0.2 2010.04.12 -
AntiVir 7.10.6.65 2010.04.13 -
Antiy-AVL 2.0.3.7 2010.04.13 -
Authentium 5.2.0.5 2010.04.12 -
Avast 4.8.1351.0 2010.04.13 -
Avast5 5.0.332.0 2010.04.13 -
AVG 9.0.0.787 2010.04.13 -
BitDefender 7.2 2010.04.13 -
CAT-QuickHeal 10.00 2010.04.13 -
[B]ClamAV 0.96.0.3-git 2010.04.13 Trojan.Magania-9679[/B]
[B]Comodo 4585 2010.04.13 TrojWare.Win32.TrojanDropper.Delf.~HP[/B]
DrWeb 5.0.2.03300 2010.04.13 -
eSafe 7.0.17.0 2010.04.12 -
eTrust-Vet 35.2.7421 2010.04.12 -
F-Prot 4.5.1.85 2010.04.12 -
F-Secure 9.0.15370.0 2010.04.13 -
Fortinet 4.0.14.0 2010.04.12 -
GData 19 2010.04.13 -
Ikarus T3.1.1.80.0 2010.04.13 -
[B]Jiangmin 13.0.900 2010.04.13 Worm.VBS.ew[/B]
[B]Kaspersky 7.0.0.125 2010.04.13 Type_Script[/B]
McAfee 5.400.0.1158 2010.04.13 -
[B]McAfee-GW-Edition 6.8.5 2010.04.13 Heuristic.LooksLike.Win32.Suspicious.H[/B]
Microsoft 1.5605 2010.04.13 -
NOD32 5024 2010.04.13 -
[B]Norman 6.04.11 2010.04.13 W32/Agent.TXES[/B]
[B]nProtect 2009.1.8.0 2010.04.06 Trojan/W32.Agent.180736.K[/B]
Panda 10.0.2.7 2010.04.13 -
PCTools 7.0.3.5 2010.04.13 -
Prevx 3.0 2010.04.13 High Risk Worm
[B]Rising 22.43.01.01 2010.04.13 Trojan.Win32.GyBird.c[/B]
Sophos 4.52.0 2010.04.13 -
Sunbelt 6170 2010.04.13 -
Symantec 20091.2.0.41 2010.04.13 -
TheHacker 6.5.2.0.259 2010.04.12 -
TrendMicro 9.120.0.1004 2010.04.13 -
VBA32 3.12.12.4 2010.04.09 -
[B]ViRobot 2010.4.13.2273 2010.04.13 Trojan.Win32.Delf.180224.B[/B]
VirusBuster 5.0.27.0 2010.04.12 -[/QUOTE]

[url]http://www.virustotal.com/analisis/787c6eb4ab6d9209ff78baa92e40a29212d104eb471dbccbca90fd3d8b1033e1-1271155361[/url]

Файл autorun.in получен 2010.04.14 03:54:13 (UTC)
[QUOTE]
a-squared 4.5.0.50 2010.04.14 -
AhnLab-V3 5.0.0.2 2010.04.13 -
[COLOR="Red"]AntiVir 7.10.6.69 2010.04.13 TR/AutorunINF.633[/COLOR]
Antiy-AVL 2.0.3.7 2010.04.13 -
Authentium 5.2.0.5 2010.04.14 -
Avast 4.8.1351.0 2010.04.13 -
Avast5 5.0.332.0 2010.04.13 -
AVG 9.0.0.787 2010.04.14 -
[COLOR="#ff0000"]BitDefender 7.2 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
CAT-QuickHeal 10.00 2010.04.14 -
[COLOR="#ff0000"]ClamAV 0.96.0.3-git 2010.04.13 Worm.Autorun-1792[/COLOR]
Comodo 4593 2010.04.14 -
DrWeb 5.0.2.03300 2010.04.14 -
eSafe 7.0.17.0 2010.04.13 -
eTrust-Vet 35.2.7423 2010.04.13 -
F-Prot 4.5.1.85 2010.04.13 -
[COLOR="#ff0000"]F-Secure 9.0.15370.0 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
Fortinet 4.0.14.0 2010.04.12 -
[COLOR="#ff0000"]GData 19 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
Ikarus T3.1.1.80.0 2010.04.14 -
Jiangmin 13.0.900 2010.04.13 -
Kaspersky 7.0.0.125 2010.04.14 -
[COLOR="#ff0000"]McAfee 5.400.0.1158 2010.04.14 Generic!atr.b[/COLOR]
[COLOR="#ff0000"]McAfee-GW-Edition 6.8.5 2010.04.13 Trojan.AutorunINF.633[/COLOR]
[COLOR="#ff0000"]Microsoft 1.5605 2010.04.14 VirTool:INF/Autorun.gen[/COLOR]
NOD32 5026 2010.04.13 -
Norman 6.04.11 2010.04.13 -
[COLOR="#ff0000"]nProtect 2009.1.8.0 2010.04.06 Trojan.AutorunINF.Gen[/COLOR]
[COLOR="#ff0000"]Panda 10.0.2.7 2010.04.13 W32/Harakit.D.worm[/COLOR]
PCTools 7.0.3.5 2010.04.14 -
Prevx 3.0 2010.04.14 -
Rising 22.43.02.01 2010.04.14 -
Sophos 4.52.0 2010.04.14 -
[COLOR="#ff0000"]Sunbelt 6174 2010.04.14 INF.Autorun (v)[/COLOR]
Symantec 20091.2.0.41 2010.04.14 -
[COLOR="#ff0000"]TheHacker 6.5.2.0.260 2010.04.13 Trojan/Autorun.gen[/COLOR]
TrendMicro 9.120.0.1004 2010.04.13 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.13.2274 2010.04.13 -
VirusBuster 5.0.27.0 2010.04.13 -[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/89f6b2a673e19143122179d1e164cc916a74c2416a9392ea40fe15e62a3abcef-1271217253[/url]

[size="1"][color="#666686"][B][I]Добавлено через 5 минут[/I][/B][/color][/size]

айл autorun.i получен 2010.04.14 04:04:34 (UTC)
Результат: [COLOR="Red"]12[/COLOR]/40 (30%)

[QUOTE]a-squared 4.5.0.50 2010.04.14 -
AhnLab-V3 5.0.0.2 2010.04.13 -
AntiVir 7.10.6.69 2010.04.13 -
Antiy-AVL 2.0.3.7 2010.04.13 -
Authentium 5.2.0.5 2010.04.14 -
[COLOR="Red"]Avast 4.8.1351.0 2010.04.13 BV:AutoRun-AK[/COLOR]
[COLOR="#ff0000"]Avast5 5.0.332.0 2010.04.13 BV:AutoRun-AK[/COLOR]
AVG 9.0.0.787 2010.04.14 -
[COLOR="#ff0000"]BitDefender 7.2 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
CAT-QuickHeal 10.00 2010.04.14 -
[COLOR="#ff0000"]ClamAV 0.96.0.3-git 2010.04.13 Worm.Autorun-1792[/COLOR]
Comodo 4593 2010.04.14 -
DrWeb 5.0.2.03300 2010.04.14 -
eSafe 7.0.17.0 2010.04.13 -
eTrust-Vet 35.2.7423 2010.04.13 -
F-Prot 4.5.1.85 2010.04.13 -
[COLOR="#ff0000"]F-Secure 9.0.15370.0 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
Fortinet 4.0.14.0 2010.04.12 -
[COLOR="#ff0000"]GData 19 2010.04.14 Trojan.AutorunINF.Gen[/COLOR]
Ikarus T3.1.1.80.0 2010.04.14 -
Jiangmin 13.0.900 2010.04.13 -
Kaspersky 7.0.0.125 2010.04.14 -
[COLOR="#ff0000"]McAfee 5.400.0.1158 2010.04.14 Generic!atr.b[/COLOR]
McAfee-GW-Edition 6.8.5 2010.04.13 -
[COLOR="#ff0000"]Microsoft 1.5605 2010.04.14 VirTool:INF/Autorun.gen[/COLOR]
NOD32 5026 2010.04.13 -
Norman 6.04.11 2010.04.13 -
[COLOR="#ff0000"]nProtect 2009.1.8.0 2010.04.06 Trojan.AutorunINF.Gen[/COLOR]
[COLOR="#ff0000"]Panda 10.0.2.7 2010.04.13 W32/Harakit.D.worm[/COLOR]
PCTools 7.0.3.5 2010.04.14 -
Prevx 3.0 2010.04.14 -
Rising 22.43.02.01 2010.04.14 -
Sophos 4.52.0 2010.04.14 -
[COLOR="#ff0000"]Sunbelt 6174 2010.04.14 INF.Autorun (v)[/COLOR]
Symantec 20091.2.0.41 2010.04.14 -
[COLOR="#ff0000"]TheHacker 6.5.2.0.260 2010.04.13 Trojan/Autorun.gen[/COLOR]
TrendMicro 9.120.0.1004 2010.04.13 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.13.2274 2010.04.13 -
VirusBuster 5.0.27.0 2010.04.13 -[/QUOTE]

[url]http://www.virustotal.com/ru/analisis/3b42703c3a25e4dfbaa79e01eb05736ee76add377a5bd3279c2fc3be75ba6c6d-1271217874[/url]