-
Just in from the Help section.
[B]c:\windows\system32\40e38710.exe[/B], registers itself in [B]UserInit[/B]
[B]avz00001.dta
Submission date: 2010-08-22 13:32:15 (UTC)
Current status: finished
Result: [COLOR="Red"]4[/COLOR]/ 42 (9.5%)[/B]
[QUOTE][B]Antivirus Version Last Update Result[/B]
AhnLab-V3 2010.08.22.00 2010.08.21 -
AntiVir 8.2.4.38 2010.08.20 -
Antiy-AVL 2.0.3.7 2010.08.16 -
Authentium 5.2.0.5 2010.08.22 -
Avast 4.8.1351.0 2010.08.22 -
Avast5 5.0.332.0 2010.08.22 -
AVG 9.0.0.851 2010.08.22 -
BitDefender 7.2 2010.08.22 -
CAT-QuickHeal 11.00 2010.08.21 -
ClamAV 0.96.2.0-git 2010.08.22 -
[B]Comodo 5817 2010.08.22 [COLOR="red"]TrojWare.Win32.Trojan.Agent.Gen[/COLOR][/B]
DrWeb 5.0.2.03300 2010.08.22 -
Emsisoft 5.0.0.37 2010.08.22 -
eSafe 7.0.17.0 2010.08.19 -
eTrust-Vet 36.1.7804 2010.08.21 -
F-Prot 4.6.1.107 2010.08.22 -
[B]F-Secure 9.0.15370.0 2010.08.22 [COLOR="red"]Suspicious:W32/Malware!Gemini[/COLOR][/B]
Fortinet 4.1.143.0 2010.08.22 -
GData 21 2010.08.22 -
Ikarus T3.1.1.88.0 2010.08.22 -
Jiangmin 13.0.900 2010.08.21 -
Kaspersky 7.0.0.125 2010.08.22 -
McAfee 5.400.0.1158 2010.08.22 -
McAfee-GW-Edition 2010.1B 2010.08.21 -
Microsoft 1.6103 2010.08.22 -
NOD32 5386 2010.08.22 -
Norman 6.05.11 2010.08.22 -
nProtect 2010-08-22.01 2010.08.22 -
[B]Panda 10.0.2.7 2010.08.22 [COLOR="red"]Suspicious file[/COLOR][/B]
PCTools 7.0.3.5 2010.08.22 -
[B]Prevx 3.0 2010.08.22 [COLOR="red"]High Risk Cloaked Malware[/COLOR][/B]
Rising 22.61.06.04 2010.08.22 -
Sophos 4.56.0 2010.08.22 -
Sunbelt 6775 2010.08.22 -
SUPERAntiSpyware 4.40.0.1006 2010.08.22 -
Symantec 20101.1.1.7 2010.08.22 -
TheHacker 6.5.2.1.352 2010.08.20 -
TrendMicro 9.120.0.1004 2010.08.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.22 -
VBA32 3.12.14.0 2010.08.20 -
ViRobot 2010.8.18.3995 2010.08.22 -
VirusBuster 5.0.27.0 2010.08.21 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=b9f8697dd287c672fdb8a1da0487be5f78bd9fb044cc4824b4f594ec47a85047-1282483935"]VirusTotal[/URL]
-
It had no digital signature.
File name: tftp.exe
Submission date: 2010-08-24 14:27:18 (UTC)
Current status:finished
Result: 7 /42 (16.7%)
[QUOTE]AhnLab-V3 2010.08.24.00 2010.08.23 -
AntiVir 8.2.4.38 2010.08.24 -
Antiy-AVL 2.0.3.7 2010.08.23 -
[B]Authentium 5.2.0.5 2010.08.24 W32/Backdoor2.BIRB[/B]
Avast 4.8.1351.0 2010.08.23 -
Avast5 5.0.332.0 2010.08.23 -
AVG 9.0.0.851 2010.08.24 -
BitDefender 7.2 2010.08.24 -
CAT-QuickHeal 11.00 2010.08.24 -
ClamAV 0.96.2.0-git 2010.08.24 -
Comodo 5843 2010.08.24 -
DrWeb 5.0.2.03300 2010.08.24 -
Emsisoft 5.0.0.37 2010.08.24 -
eSafe 7.0.17.0 2010.08.24 -
eTrust-Vet 36.1.7810 2010.08.23 -
[B]F-Prot 4.6.1.107 2010.08.24 W32/Backdoor2.BIRB[/B]
F-Secure 9.0.15370.0 2010.08.24 -
Fortinet 4.1.143.0 2010.08.24 -
GData 21 2010.08.24 -
Ikarus T3.1.1.88.0 2010.08.24 -
[B]Jiangmin 13.0.900 2010.08.23 Trojan/Agent.aaul[/B]
Kaspersky 7.0.0.125 2010.08.24 -
[B]McAfee 5.400.0.1158 2010.08.24 Artemis!DB3F663417BA[/B]
[B]McAfee-GW-Edition 2010.1B 2010.08.24 Artemis!DB3F663417BA[/B]
Microsoft 1.6103 2010.08.24 -
NOD32 5393 2010.08.24 -
Norman 6.05.11 2010.08.24 -
nProtect 2010-08-24.01 2010.08.24 -
Panda 10.0.2.7 2010.08.24 -
PCTools 7.0.3.5 2010.08.24 -
Prevx 3.0 2010.08.24 -
Rising 22.62.01.04 2010.08.24 -
Sophos 4.56.0 2010.08.24 -
[B]Sunbelt 6784 2010.08.24 Worm.Win32.IRCBot.Gen[/B]
SUPERAntiSpyware 4.40.0.1006 2010.08.24 -
Symantec 20101.1.1.7 2010.08.24 -
[B]TheHacker 6.5.2.1.355 2010.08.24 Trojan/Downloader.Small.vwo[/B]
TrendMicro 9.120.0.1004 2010.08.24 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.24 -
VBA32 3.12.14.0 2010.08.24 -
ViRobot 2010.8.24.4005 2010.08.24 -
VirusBuster 5.0.27.0 2010.08.23 -[/QUOTE]
Additional information
MD5 : db3f663417baec4d8da89267a4a27df5
SHA1 : 943e17378e006babd80d8b480bbd4e00fe9a70bd
SHA256: f950a2885af8d280d3a3d15171fca25b022d011c5bfbe03f94cb244116d54c5a
ssdeep: 3:WlWUqt/vll2sZ2vxrlYC8XvEXGl/nl/llakVFvlNl//vl7//llrllVlVJl/t1l9r:idqUsOxr[*lb*]lY1/E2ZnlqtW1
File size : 16896 bytes
First seen: 2007-03-28 23:38:55
Last seen : 2010-08-24 14:27:18
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x1000
timedatestamp....: 0x42DCB199 (Tue Jul 19 07:54:01 2005)
machinetype......: 0x14C (Intel I386)
-
File [B]C:\Documents and Settings\USERNAME\.exe[/B] -
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.07.28.00 2010.07.27 -
AntiVir 8.2.4.26 2010.07.27 -
Antiy-AVL 2.0.3.7 2010.07.28 -
Authentium 5.2.0.5 2010.07.28 -
Avast 4.8.1351.0 2010.07.28 -
Avast5 5.0.332.0 2010.07.28 -
AVG 9.0.0.851 2010.07.27 -
BitDefender 7.2 2010.07.28 -
CAT-QuickHeal 11.00 2010.07.28 -
ClamAV 0.96.0.3-git 2010.07.28 -
Comodo 5564 2010.07.28 -
[B]DrWeb 5.0.2.03300 2010.07.28 - [COLOR="Red"]Trojan.WinSpy.914[/COLOR][/B]
[B]Emsisoft 5.0.0.34 2010.07.28 - [COLOR="Red"]Trojan.Win32.Agent!A2[/COLOR][/B]
eSafe 7.0.17.0 2010.07.27 -
eTrust-Vet 36.1.7743 2010.07.27 -
F-Prot 4.6.1.107 2010.07.28 -
F-Secure 9.0.15370.0 2010.07.28 -
Fortinet 4.1.143.0 2010.07.24 -
GData 21 2010.07.28 -
Ikarus T3.1.1.84.0 2010.07.28 -
Jiangmin 13.0.900 2010.07.28 -
Kaspersky 7.0.0.125 2010.07.27 -
McAfee 5.400.0.1158 2010.07.28 -
McAfee-GW-Edition 2010.1 2010.07.27 -
Microsoft 1.6004 2010.07.28 -
NOD32 5318 2010.07.27 -
Norman 6.05.11 2010.07.27 -
nProtect 2010-07-28.01 2010.07.28 -
[B]Panda 10.0.2.7 2010.07.27 - [COLOR="Red"]Suspicious file[/COLOR][/B]
PCTools 7.0.3.5 2010.07.28 -
Prevx 3.0 2010.07.28 -
Rising 22.58.02.03 2010.07.28 -
Sophos 4.55.0 2010.07.28 -
Sunbelt 6652 2010.07.28 -
SUPERAntiSpyware 4.40.0.1006 2010.07.28 -
Symantec 20101.1.1.7 2010.07.28 -
TheHacker 6.5.2.1.326 2010.07.27 -
TrendMicro 9.120.0.1004 2010.07.27 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.28 -
VBA32 3.12.12.6 2010.07.27 -
ViRobot 2010.7.23.3956 2010.07.28 -
VirusBuster 5.0.27.0 2010.07.28 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=4f2ed025f3a8d12083571bbe1889c60c1d2e3759fedd5d02282e335fcb8dea2c-1280300681"]virustotal.com[/URL]
File - [B]C:\WINDOWS\system32\syschk32.exe[/B] -
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.08.25.00 2010.08.24 -
AntiVir 8.2.4.38 2010.08.24 -
Antiy-AVL 2.0.3.7 2010.08.23 -
Authentium 5.2.0.5 2010.08.25 -
Avast 4.8.1351.0 2010.08.24 -
Avast5 5.0.594.0 2010.08.24 -
AVG 9.0.0.851 2010.08.24 -
BitDefender 7.2 2010.08.25 -
CAT-QuickHeal 11.00 2010.08.24 -
ClamAV 0.96.2.0-git 2010.08.25 -
Comodo 5848 2010.08.24 -
[B]DrWeb 5.0.2.03300 2010.08.25 - [COLOR="Red"]Trojan.Siggen.36831[/COLOR][/B]
Emsisoft 5.0.0.37 2010.08.25 -
eSafe 7.0.17.0 2010.08.24 -
eTrust-Vet 36.1.7814 2010.08.24 -
F-Prot 4.6.1.107 2010.08.24 -
F-Secure 9.0.15370.0 2010.08.25 -
Fortinet 4.1.143.0 2010.08.24 -
GData 21 2010.08.24 -
Ikarus T3.1.1.88.0 2010.08.25 -
[B]Jiangmin 13.0.900 2010.08.23 - [COLOR="Red"]Trojan/Inject.ijv[/COLOR][/B]
Kaspersky 7.0.0.125 2010.08.25 -
McAfee 5.400.0.1158 2010.08.25 -
[B]McAfee-GW-Edition 2010.1B 2010.08.25 - [COLOR="Red"]Heuristic.BehavesLike.Win32.Trojan.H[/COLOR] [/B]
Microsoft 1.6103 2010.08.25 -
[B]NOD32 5394 2010.08.24 - [COLOR="Red"]a variant of Win32/Agent.QKY[/COLOR][/B]
Norman 6.05.11 2010.08.24 -
nProtect 2010-08-24.01 2010.08.24 -
[B]Panda 10.0.2.7 2010.08.25 - [COLOR="Red"]Suspicious file[/COLOR] [/B]
PCTools 7.0.3.5 2010.08.25 -
Prevx 3.0 2010.08.25 -
Rising 22.62.02.01 2010.08.25 -
Sophos 4.56.0 2010.08.25 -
Sunbelt 6788 2010.08.25 -
SUPERAntiSpyware 4.40.0.1006 2010.08.25 -
Symantec 20101.1.1.7 2010.08.25 -
TheHacker 6.5.2.1.355 2010.08.24 -
TrendMicro 9.120.0.1004 2010.08.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.25 -
VBA32 3.12.14.0 2010.08.24 -
[B]ViRobot 2010.8.24.4005 2010.08.24 - [COLOR="Red"]Trojan.Win32.Inject.43520.C[/COLOR][/B]
VirusBuster 5.0.27.0 2010.08.24 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=7f565f8bf7c67c20c72a5a2d5aa0403651f3afb9720ed96128cb49ea76a4ebf4-1282711015"]virustotal.com[/URL]
-
Our newcomer - [B]C:\Documents and Settings\Admin\Главное меню\Программы\Автозагрузка\sisgbi32.exe[/B], an analogue of monoca32, only, as I understand it, tougher -
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.08.26.00 2010.08.25 -
AntiVir 8.2.4.38 2010.08.25 -
Antiy-AVL 2.0.3.7 2010.08.23 -
Authentium 5.2.0.5 2010.08.25 -
Avast 4.8.1351.0 2010.08.25 -
Avast5 5.0.594.0 2010.08.25 -
AVG 9.0.0.851 2010.08.25 -
BitDefender 7.2 2010.08.25 -
CAT-QuickHeal 11.00 2010.08.24 -
[B]ClamAV 0.96.2.0-git 2010.08.25 - [COLOR="Red"]Worm.Palevo-9668[/COLOR][/B]
Comodo 5856 2010.08.25 -
[B]DrWeb 5.0.2.03300 2010.08.25 - [COLOR="Red"]Trojan.Packed.20894[/COLOR][/B]
Emsisoft 5.0.0.37 2010.08.25 -
eSafe 7.0.17.0 2010.08.25 -
eTrust-Vet 36.1.7815 2010.08.25 -
F-Prot 4.6.1.107 2010.08.25 -
[B]F-Secure 9.0.15370.0 2010.08.25 - [COLOR="Red"]Suspicious:W32/Malware!Gemini[/COLOR][/B]
Fortinet 4.1.143.0 2010.08.25 -
GData 21 2010.08.25 -
Ikarus T3.1.1.88.0 2010.08.25 -
Jiangmin 13.0.900 2010.08.25 -
Kaspersky 7.0.0.125 2010.08.25 -
McAfee 5.400.0.1158 2010.08.25 -
McAfee-GW-Edition 2010.1B 2010.08.25 -
Microsoft 1.6103 2010.08.25 -
NOD32 5397 2010.08.25 -
Norman 6.05.11 2010.08.25 -
nProtect 2010-08-25.02 2010.08.25 -
[B]Panda 10.0.2.7 2010.08.25 - [COLOR="Red"]Suspicious file[/COLOR][/B]
PCTools 7.0.3.5 2010.08.25 -
Prevx 3.0 2010.08.26 -
Rising 22.62.02.04 2010.08.25 -
[B]Sophos 4.56.0 2010.08.25 - [COLOR="Red"]Sus/VB-BD[/COLOR][/B]
Sunbelt 6792 2010.08.25 -
SUPERAntiSpyware 4.40.0.1006 2010.08.25 -
Symantec 20101.1.1.7 2010.08.26 -
TheHacker 6.5.2.1.355 2010.08.25 -
TrendMicro 9.120.0.1004 2010.08.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.25 -
VBA32 3.12.14.0 2010.08.25 -
ViRobot 2010.8.25.4007 2010.08.25 -
VirusBuster 5.0.27.0 2010.08.25 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=aee77e38a3b6681b910503e28f74851a893a35a2b9518c93cf3c3616136d9ca0-1282774617"]virustotal.com[/URL]
-
File name: aol.exe
Submission date: 2010-09-03 14:30:07 (UTC)
Current status: finished
Result: 17/ 43 (39.5%)
[i]Antivirus results[/i]
AhnLab-V3 - 2010.09.03.01 - 2010.09.03 - [color=red]Trojan/Win32.Zbot [/color]
AntiVir - 8.2.4.50 - 2010.09.03 - -
Antiy-AVL - 2.0.3.7 - 2010.09.03 - -
Authentium - 5.2.0.5 - 2010.09.03 - -
Avast - 4.8.1351.0 - 2010.09.03 - -
Avast5 - 5.0.594.0 - 2010.09.03 - -
AVG - 9.0.0.851 - 2010.09.03 - -
BitDefender - 7.2 - 2010.09.03 - [color=red]Trojan.Generic.KD.32733 [/color]
CAT-QuickHeal - 11.00 - 2010.09.03 - -
ClamAV - 0.96.2.0-git - 2010.09.03 - -
Comodo - 5956 - 2010.09.03 - -
DrWeb - 5.0.2.03300 - 2010.09.03 - [color=red]Trojan.PWS.Panda.387 [/color]
Emsisoft - 5.0.0.37 - 2010.09.03 - [color=red]PWS.Win32!IK [/color]
eSafe - 7.0.17.0 - 2010.09.01 - -
eTrust-Vet - 36.1.7834 - 2010.09.03 - -
F-Prot - 4.6.1.107 - 2010.09.01 - -
F-Secure - 9.0.15370.0 - 2010.09.03 - [color=red]Trojan.Generic.KD.32733 [/color]
Fortinet - 4.1.143.0 - 2010.09.03 - -
GData - 21 - 2010.09.03 - [color=red]Trojan.Generic.KD.32733 [/color]
Ikarus - T3.1.1.88.0 - 2010.09.03 - [color=red]PWS.Win32 [/color]
Jiangmin - 13.0.900 - 2010.09.03 - -
K7AntiVirus - 9.63.2424 - 2010.09.02 - -
Kaspersky - 7.0.0.125 - 2010.09.03 - -
McAfee - 5.400.0.1158 - 2010.09.03 - [color=red]Artemis!F79B504BC7DB [/color]
McAfee-GW-Edition - 2010.1B - 2010.09.03 - [color=red]Artemis!F79B504BC7DB [/color]
Microsoft - 1.6103 - 2010.09.03 - [color=red]PWS:Win32/Zbot.gen!Y [/color]
NOD32 - 5420 - 2010.09.03 - -
Norman - 6.05.11 - 2010.09.03 - -
nProtect - 2010-09-03.01 - 2010.09.03 - [color=red]Trojan/W32.Agent.140288.CT [/color]
Panda - 10.0.2.7 - 2010.09.03 - [color=red]Trj/CI.A [/color]
PCTools - 7.0.3.5 - 2010.09.03 - [color=red]Trojan.Gen [/color]
Prevx - 3.0 - 2010.09.03 - [color=red]Medium Risk Malware [/color]
Rising - 22.63.04.01 - 2010.09.03 - -
Sophos - 4.57.0 - 2010.09.03 - [color=red]Mal/Zbot-U [/color]
Sunbelt - 6827 - 2010.09.03 - [color=red]Trojan.Win32.Generic!SB.0 [/color]
SUPERAntiSpyware - 4.40.0.1006 - 2010.09.03 - -
Symantec - 20101.1.1.7 - 2010.09.03 - [color=red]Trojan.Gen [/color]
TheHacker - 6.5.2.1.362 - 2010.09.03 - -
TrendMicro - 9.120.0.1004 - 2010.09.03 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2010.09.03 - -
VBA32 - 3.12.14.0 - 2010.09.03 - -
ViRobot - 2010.8.31.4017 - 2010.09.03 - -
VirusBuster - 12.64.15.0 - 2010.09.02 - -
[i]File info:[/i]
MD5: f79b504bc7db28605867c8d52c783bcd
SHA1: 6d67ff3af691024200943a5e8ad86adfac1b2818
SHA256: f3c9a0059de673be0b243801a2af110d0ea6bb8413380edbfa7b5851fc77f7ad
File size: 140288 bytes
Scan date: 2010-09-03 14:30:07 (UTC)
-
File - [B]C:\WINDOWS\cfdrive32.exe[/B]
Result: - [B][COLOR="Red"]7[/COLOR] /43 (16.3%)[/B]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.05.00 2010.09.04 -
AntiVir 8.2.4.50 2010.09.03 -
Antiy-AVL 2.0.3.7 2010.09.03 -
Authentium 5.2.0.5 2010.09.04 -
Avast 4.8.1351.0 2010.09.05 -
Avast5 5.0.594.0 2010.09.05 -
[B]AVG 9.0.0.851 2010.09.05 - [COLOR="Red"]Dropper.Small.GBQ[/COLOR][/B]
BitDefender 7.2 2010.09.05 -
CAT-QuickHeal 11.00 2010.09.03 -
ClamAV 0.96.2.0-git 2010.09.05 -
Comodo 5970 2010.09.04 -
[B]DrWeb 5.0.2.03300 2010.09.05 - [COLOR="Red"]Trojan.AVKill.2320[/COLOR][/B]
Emsisoft 5.0.0.37 2010.09.05 -
eSafe 7.0.17.0 2010.09.01 -
eTrust-Vet 36.1.7835 2010.09.03 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.05 -
Fortinet 4.1.143.0 2010.09.04 -
GData 21 2010.09.05 -
Ikarus T3.1.1.88.0 2010.09.05 -
Jiangmin 13.0.900 2010.09.05 -
K7AntiVirus 9.63.2442 2010.09.04 -
Kaspersky 7.0.0.125 2010.09.05 -
[B]McAfee 5.400.0.1158 2010.09.05 - [COLOR="Red"]Artemis!3009AF7F0603[/COLOR]
McAfee-GW-Edition 2010.1B 2010.09.05 - [COLOR="Red"]Artemis!3009AF7F0603[/COLOR][/B]
Microsoft 1.6103 2010.09.05 -
[B]NOD32 5423 2010.09.04 - [COLOR="Red"]a variant of Win32/Injector.CVK[/COLOR][/B]
Norman 6.05.11 2010.09.04 -
nProtect 2010-09-05.01 2010.09.05 -
Panda 10.0.2.7 2010.09.04 -
PCTools 7.0.3.5 2010.09.05 -
[B]Prevx 3.0 2010.09.05 - [COLOR="Red"]High Risk Cloaked Malware[/COLOR][/B]
Rising 22.63.05.01 2010.09.04 -
Sophos 4.57.0 2010.09.05 -
Sunbelt 6833 2010.09.05 -
[B]SUPERAntiSpyware 4.40.0.1006 2010.09.05 [COLOR="Red"]Trojan.Agent/Gen-Koobface[/COLOR][/B]
Symantec 20101.1.1.7 2010.09.05 -
TheHacker 6.5.2.1.364 2010.09.05 -
TrendMicro 9.120.0.1004 2010.09.05 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.05 -
VBA32 3.12.14.0 2010.09.03 -
ViRobot 2010.8.31.4017 2010.09.04 -
VirusBuster 12.64.17.1 2010.09.04 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=f901c7d1a38e47e3dfe67e99a976cbeeb3322d69d02ee1830e142aee98e2f3c0-1283674641"]virustotal.com[/URL]
[size="1"][color="#666686"][B][I]Added 3 minutes later[/I][/B][/color][/size]
File - [B]C:\WINDOWS\system32\msvmiode.exe[/B]
[B]Result: [COLOR="Red"]5[/COLOR] /43 (11.6%)[/B]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.05.00 2010.09.04 -
AntiVir 8.2.4.50 2010.09.03 -
Antiy-AVL 2.0.3.7 2010.09.03 -
Authentium 5.2.0.5 2010.09.04 -
Avast 4.8.1351.0 2010.09.05 -
Avast5 5.0.594.0 2010.09.05 -
[B]AVG 9.0.0.851 2010.09.05 - [COLOR="Red"]Dropper.Small.GCD[/COLOR][/B]
BitDefender 7.2 2010.09.05 -
CAT-QuickHeal 11.00 2010.09.03 -
ClamAV 0.96.2.0-git 2010.09.05 -
Comodo 5970 2010.09.04 -
[B]DrWeb 5.0.2.03300 2010.09.05 - [COLOR="Red"]Trojan.DownLoader1.19905[/COLOR][/B]
Emsisoft 5.0.0.37 2010.09.05 -
eSafe 7.0.17.0 2010.09.01 -
eTrust-Vet 36.1.7835 2010.09.03 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.05 -
Fortinet 4.1.143.0 2010.09.04 -
GData 21 2010.09.05 -
Ikarus T3.1.1.88.0 2010.09.05 -
Jiangmin 13.0.900 2010.09.05 -
K7AntiVirus 9.63.2442 2010.09.04 -
Kaspersky 7.0.0.125 2010.09.05 -
[B]McAfee 5.400.0.1158 2010.09.05 - [COLOR="Red"]Artemis!AC95D52BE1F7[/COLOR]
McAfee-GW-Edition 2010.1B 2010.09.05 - [COLOR="Red"]Artemis!AC95D52BE1F7[/COLOR][/B]
Microsoft 1.6103 2010.09.05 -
[B]NOD32 5423 2010.09.04 - [COLOR="Red"]a variant of Win32/Injector.CVK[/COLOR][/B]
Norman 6.05.11 2010.09.04 -
nProtect 2010-09-05.01 2010.09.05 -
Panda 10.0.2.7 2010.09.04 -
PCTools 7.0.3.5 2010.09.05 -
Prevx 3.0 2010.09.05 -
Rising 22.63.05.01 2010.09.04 -
Sophos 4.57.0 2010.09.05 -
Sunbelt 6833 2010.09.05 -
SUPERAntiSpyware 4.40.0.1006 2010.09.05 -
Symantec 20101.1.1.7 2010.09.05 -
TheHacker 6.5.2.1.364 2010.09.05 -
TrendMicro 9.120.0.1004 2010.09.05 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.05 -
VBA32 3.12.14.0 2010.09.03 -
ViRobot 2010.8.31.4017 2010.09.04 -
VirusBuster 12.64.17.1 2010.09.04 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=908734802e78ad09049d3338250651cee29f6c8424010faf817ef2db7255773a-1283670904"]virustotal.com[/URL]
-
-
Location: C:\Windows\System32\0, date: 03.08.2010, no version information.
[QUOTE]File name: 0
Submission date: 2010-09-06 06:58:30 (UTC)
[B]Result: [COLOR="Red"]9[/COLOR] /43 (20.9%)[/B] [URL="http://www.virustotal.com/file-scan/report.html?id=5b8c2c38cd60636ac20ae47cad87cc12133cff0c86cd5ff4e18b8564d127f3a3-1283756310"]VT Community[/URL]
AhnLab-V3 2010.09.05.00 2010.09.04 -
AntiVir 8.2.4.50 2010.09.05 -
[B]Antiy-AVL 2.0.3.7 2010.09.03 Packed/Win32.Krap.gen[/B]
Authentium 5.2.0.5 2010.09.06 -
[B]Avast 4.8.1351.0 2010.09.05 Win32:Rootkit-gen[/B]
[B]Avast5 5.0.594.0 2010.09.05 Win32:Rootkit-gen[/B]
[B]AVG 9.0.0.851 2010.09.05 SHeur3.ARJO[/B]
BitDefender 7.2 2010.09.06 -
CAT-QuickHeal 11.00 2010.09.06 -
ClamAV 0.96.2.0-git 2010.09.06 -
Comodo 5984 2010.09.05 -
[B]DrWeb 5.0.2.03300 2010.09.06 Trojan.Packed.20771[/B]
Emsisoft 5.0.0.37 2010.09.06 -
eSafe 7.0.17.0 2010.09.05 -
eTrust-Vet 36.1.7835 2010.09.03 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.06 -
Fortinet 4.1.143.0 2010.09.05 -
[B]GData 21 2010.09.06 Win32:Rootkit-gen [/B]
Ikarus T3.1.1.88.0 2010.09.06 -
[B]Jiangmin 13.0.900 2010.09.06 Packed.Krap.devx[/B]
K7AntiVirus 9.63.2442 2010.09.04 -
[B]Kaspersky 7.0.0.125 2010.09.06 Packed.Win32.Krap.hr[/B]
McAfee 5.400.0.1158 2010.09.06 -
McAfee-GW-Edition 2010.1B 2010.09.06 -
Microsoft 1.6103 2010.09.06 -
NOD32 5425 2010.09.05 -
Norman 6.05.11 2010.09.05 -
nProtect 2010-09-05.01 2010.09.05 -
Panda 10.0.2.7 2010.09.05 -
PCTools 7.0.3.5 2010.09.06 -
Prevx 3.0 2010.09.06 -
Rising 22.64.00.01 2010.09.06 -
Sophos 4.57.0 2010.09.06 -
Sunbelt 6837 2010.09.06 -
SUPERAntiSpyware 4.40.0.1006 2010.09.06 -
Symantec 20101.1.1.7 2010.09.06 -
[B]TheHacker 6.5.2.1.364 2010.09.05 Trojan/Kryptik.fwu[/B]
TrendMicro 9.120.0.1004 2010.09.06 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.06 -
VBA32 3.12.14.0 2010.09.03 -
ViRobot 2010.8.31.4017 2010.09.06 -
VirusBuster 12.64.18.1 2010.09.05 -
[B]Additional information[/B]
MD5 : 8379bf99fb27045e50322a370b53c4e5
SHA1 : 1a20952d87273a5461683755aa44e1409fa5d144
SHA256: 5b8c2c38cd60636ac20ae47cad87cc12133cff0c86cd5ff4e18b8564d127f3a3
[/QUOTE]
[size="1"][color="#666686"][B][I]Added 8 minutes later[/I][/B][/color][/size]
Location: C:\Windows\System32\@[, date: 14.08.2010, no version information.
[QUOTE]File name: @[
Submission date: 2010-09-06 06:51:39 (UTC)
[B]Result: [COLOR="Red"]8[/COLOR] /43 (18.6%)[/B] [URL="http://www.virustotal.com/file-scan/report.html?id=8505f790368348524030e75985450370882fecba707843ad5853e65c9c2b817f-1283755899"]VT Community[/URL]
AhnLab-V3 2010.09.05.00 2010.09.04 -
AntiVir 8.2.4.50 2010.09.05 -
Antiy-AVL 2.0.3.7 2010.09.03 -
Authentium 5.2.0.5 2010.09.06 -
[B]Avast 4.8.1351.0 2010.09.05 Win32:Rootkit-gen[/B]
[B]Avast5 5.0.594.0 2010.09.05 Win32:Rootkit-gen[/B]
[B]AVG 9.0.0.851 2010.09.05 SHeur3.ATLT[/B]
BitDefender 7.2 2010.09.06 -
CAT-QuickHeal 11.00 2010.09.06 -
ClamAV 0.96.2.0-git 2010.09.06 -
[B]Comodo 5984 2010.09.05 MalCrypt.Indus![/B]
[B]DrWeb 5.0.2.03300 2010.09.06 Trojan.Packed.20771[/B]
Emsisoft 5.0.0.37 2010.09.06 -
eSafe 7.0.17.0 2010.09.05 -
eTrust-Vet 36.1.7835 2010.09.03 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.06 -
Fortinet 4.1.143.0 2010.09.05 -
[B]GData 21 2010.09.06 Win32:Rootkit-gen [/B]
Ikarus T3.1.1.88.0 2010.09.06 -
Jiangmin 13.0.900 2010.09.06 -
K7AntiVirus 9.63.2442 2010.09.04 -
[B]Kaspersky 7.0.0.125 2010.09.06 Packed.Win32.Krap.hr[/B]
McAfee 5.400.0.1158 2010.09.06 -
McAfee-GW-Edition 2010.1B 2010.09.06 -
Microsoft 1.6103 2010.09.06 -
NOD32 5425 2010.09.05 -
Norman 6.05.11 2010.09.05 -
nProtect 2010-09-05.01 2010.09.05 -
Panda 10.0.2.7 2010.09.05 -
PCTools 7.0.3.5 2010.09.06 -
Prevx 3.0 2010.09.06 -
Rising 22.64.00.01 2010.09.06 -
Sophos 4.57.0 2010.09.06 -
Sunbelt 6837 2010.09.06 -
SUPERAntiSpyware 4.40.0.1006 2010.09.06 -
Symantec 20101.1.1.7 2010.09.06 -
[B]TheHacker 6.5.2.1.364 2010.09.05 Backdoor/Shiz.sn[/B]
TrendMicro 9.120.0.1004 2010.09.06 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.06 -
VBA32 3.12.14.0 2010.09.03 -
ViRobot 2010.8.31.4017 2010.09.06 -
VirusBuster 12.64.18.1 2010.09.05 -
MD5: 8ec058654b8875d7d0488109c5c1460f
SHA1: ac435944cb4fc6f3dfdbbe36f3baa2c0ee378b18
SHA256: 8505f790368348524030e75985450370882fecba707843ad5853e65c9c2b817f
File size: 72683 bytes
Scan date: 2010-09-06 06:51:39 (UTC)
[/QUOTE]
-
File - [B]C:\WINDOWS\system32\eusacf.exe[/B], registers itself in userinit, was caught in 911 -
[B] [COLOR="Red"]1[/COLOR] /43 (2.3%)[/B]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.05.00 2010.09.04 -
AntiVir 8.2.4.50 2010.09.03 -
Antiy-AVL 2.0.3.7 2010.09.03 -
Authentium 5.2.0.5 2010.09.04 -
Avast 4.8.1351.0 2010.09.05 -
Avast5 5.0.594.0 2010.09.05 -
AVG 9.0.0.851 2010.09.05 -
BitDefender 7.2 2010.09.05 -
CAT-QuickHeal 11.00 2010.09.03 -
ClamAV 0.96.2.0-git 2010.09.05 -
Comodo 5980 2010.09.05 -
DrWeb 5.0.2.03300 2010.09.05 -
Emsisoft 5.0.0.37 2010.09.05 -
eSafe 7.0.17.0 2010.09.05 -
eTrust-Vet 36.1.7835 2010.09.03 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.05 -
Fortinet 4.1.143.0 2010.09.05 -
GData 21 2010.09.05 -
Ikarus T3.1.1.88.0 2010.09.05 -
Jiangmin 13.0.900 2010.09.05 -
K7AntiVirus 9.63.2442 2010.09.04 -
Kaspersky 7.0.0.125 2010.09.05 -
McAfee 5.400.0.1158 2010.09.05 -
McAfee-GW-Edition 2010.1B 2010.09.05 -
Microsoft 1.6103 2010.09.05 -
NOD32 5425 2010.09.05 -
Norman 6.05.11 2010.09.05 -
nProtect 2010-09-05.01 2010.09.05 -
[B]Panda 10.0.2.7 2010.09.05 - [COLOR="Red"]Suspicious file[/COLOR][/B]
PCTools 7.0.3.5 2010.09.05 -
Prevx 3.0 2010.09.05 -
Rising 22.63.06.00 2010.09.05 -
Sophos 4.57.0 2010.09.05 -
Sunbelt 6834 2010.09.05 -
SUPERAntiSpyware 4.40.0.1006 2010.09.05 -
Symantec 20101.1.1.7 2010.09.05 -
TheHacker 6.5.2.1.364 2010.09.05 -
TrendMicro 9.120.0.1004 2010.09.05 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.05 -
VBA32 3.12.14.0 2010.09.03 -
ViRobot 2010.8.31.4017 2010.09.05 -
VirusBuster 12.64.17.1 2010.09.04 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=932ca3c480348c8eac1231efee7074b030c27af97bf14e016aabc7069bf24cf1-1283702234"]virustotal.com[/URL]
-
Here's quite a gift :)
File name: [B]Podarok.exe[/B]
Submission date: 2010-09-09 06:30:50 (UTC)
Result: 11/ 43 (25.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.09.00 2010.09.09 -
AntiVir 8.2.4.50 2010.09.08 -
Antiy-AVL 2.0.3.7 2010.09.09 -
Authentium 5.2.0.5 2010.09.08 -
[B]Avast 4.8.1351.0 2010.09.08 Win32:Malware-gen[/B]
[B]Avast5 5.0.594.0 2010.09.08 Win32:Malware-gen[/B]
[B]AVG 9.0.0.851 2010.09.08 Generic18.AIDN
BitDefender 7.2 2010.09.09 Gen:Trojan.Heur.DP.yGW@aGbuNVh
CAT-QuickHeal 11.00 2010.09.09 Trojan.VkHost.agg[/B]
ClamAV 0.96.2.0-git 2010.09.09 -
Comodo 6021 2010.09.09 -
DrWeb 5.0.2.03300 2010.09.09 -
Emsisoft 5.0.0.37 2010.09.09 -
eSafe 7.0.17.0 2010.09.07 -
eTrust-Vet 36.1.7843 2010.09.08 -
F-Prot 4.6.1.107 2010.09.01 -
[B]F-Secure 9.0.15370.0 2010.09.09 Gen:Trojan.Heur.DP.yGW@aGbuNVh[/B]
Fortinet 4.1.143.0 2010.09.08 -
[B]GData 21 2010.09.09 Gen:Trojan.Heur.DP.yGW@aGbuNVh[/B]
Ikarus T3.1.1.88.0 2010.09.09 -
[B]Jiangmin 13.0.900 2010.09.09 Trojan/VkHost.li[/B]
K7AntiVirus 9.63.2470 2010.09.08 -
Kaspersky 7.0.0.125 2010.09.09 -
McAfee 5.400.0.1158 2010.09.09 -
McAfee-GW-Edition 2010.1B 2010.09.09 -
[B]Microsoft 1.6103 2010.09.09 Trojan:Win32/Vkhost.A[/B]
NOD32 5435 2010.09.08 -
[B]Norman 6.06.05 2010.09.08 W32/Malware[/B]
nProtect 2010-09-09.02 2010.09.09 -
[B]Panda 10.0.2.7 2010.09.08 Trj/Downloader.MDW[/B]
PCTools 7.0.3.5 2010.09.09 -
Prevx 3.0 2010.09.09 -
Rising 22.64.03.01 2010.09.09 -
Sophos 4.57.0 2010.09.09 -
Sunbelt 6850 2010.09.09 -
SUPERAntiSpyware 4.40.0.1006 2010.09.09 -
Symantec 20101.1.1.7 2010.09.09 -
TheHacker 6.7.0.0.012 2010.09.09 -
TrendMicro 9.120.0.1004 2010.09.09 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.09 -
VBA32 3.12.14.0 2010.09.08 -
ViRobot 2010.9.8.4031 2010.09.09 -
VirusBuster 12.64.24.0 2010.09.08 -[/QUOTE]
Additional information
MD5 : de6bf05cd2f0c0bf7d278f73913452cd
SHA1 : 7be1b3058fd58f2197bca694db54824d1528d5c6
SHA256: 9d49cfa9151b08f812cd7d9718ceb52fe9f0510896f2ef85936389ed6f54b255
-
File [B]C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe[/B] -
[B][COLOR="Red"]5 [/COLOR]/43 (11.6%)[/B]
[QUOTE]AhnLab-V3 2010.09.08.02 2010.09.08 -
AntiVir 8.2.4.50 2010.09.08 -
Antiy-AVL 2.0.3.7 2010.09.08 -
Authentium 5.2.0.5 2010.09.08 -
Avast 4.8.1351.0 2010.09.08 -
Avast5 5.0.594.0 2010.09.08 -
AVG 9.0.0.851 2010.09.08 -
BitDefender 7.2 2010.09.08 -
CAT-QuickHeal 11.00 2010.09.08 -
ClamAV 0.96.2.0-git 2010.09.08 -
[B]Comodo 6016 2010.09.08 - [COLOR="Red"]Heur.Suspicious[/COLOR][/B]
DrWeb 5.0.2.03300 2010.09.08 -
Emsisoft 5.0.0.37 2010.09.08 -
eSafe 7.0.17.0 2010.09.07 -
eTrust-Vet 36.1.7842 2010.09.08 -
F-Prot 4.6.1.107 2010.09.01 -
F-Secure 9.0.15370.0 2010.09.08 -
[B]Fortinet 4.1.143.0 2010.09.08 - [COLOR="Red"]W32/Dropper.KL!tr[/COLOR][/B]
GData 21 2010.09.08 -
Ikarus T3.1.1.88.0 2010.09.08 -
Jiangmin 13.0.900 2010.09.08 -
K7AntiVirus 9.63.2470 2010.09.08 -
Kaspersky 7.0.0.125 2010.09.08 -
McAfee 5.400.0.1158 2010.09.08 -
McAfee-GW-Edition 2010.1B 2010.09.08 -
[B]Microsoft 1.6103 2010.09.08 - [COLOR="Red"]TrojanProxy:Win32/Slenugga.A[/COLOR]
NOD32 5435 2010.09.08 - [COLOR="Red"]a variant of Win32/Injector.CWL[/COLOR][/B]
Norman 6.06.05 2010.09.08 -
nProtect 2010-09-08.01 2010.09.08 -
Panda 10.0.2.7 2010.09.08 -
PCTools 7.0.3.5 2010.09.08 -
Prevx 3.0 2010.09.08 -
Rising 22.64.02.04 2010.09.08 -
Sophos 4.57.0 2010.09.08 -
Sunbelt 6847 2010.09.08 -
SUPERAntiSpyware 4.40.0.1006 2010.09.08 -
Symantec 20101.1.1.7 2010.09.08 -
TheHacker 6.7.0.0.010 2010.09.08 -
TrendMicro 9.120.0.1004 2010.09.08 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.08 -
[B]VBA32 3.12.14.0 2010.09.08 - [COLOR="Red"]SScope.Trojan.0923[/COLOR][/B]
ViRobot 2010.9.8.4031 2010.09.08 -
VirusBuster 12.64.24.0 2010.09.08 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=1108a16891a66fdbe6fbd81d3af2ccb20e67247df08fd34ef39d84ace26ac4c6-1283978092"]virustotal.com[/URL]
-
File - [B]C:\Documents and Settings\Yurez\Application Data\Dawa\gyhe.exe[/B]
[B][COLOR="Red"]3 [/COLOR]/43 (7.0%)[/B]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.12.00 2010.09.11 -
AntiVir 8.2.4.50 2010.09.10 -
Antiy-AVL 2.0.3.7 2010.09.12 -
Authentium 5.2.0.5 2010.09.11 -
Avast 4.8.1351.0 2010.09.11 -
Avast5 5.0.594.0 2010.09.11 -
AVG 9.0.0.851 2010.09.12 -
[B]BitDefender 7.2 2010.09.12 - [COLOR="Red"]Gen:Variant.Kazy.351[/COLOR][/B]
CAT-QuickHeal 11.00 2010.09.10 -
ClamAV 0.96.2.0-git 2010.09.12 -
Comodo 6051 2010.09.12 -
DrWeb 5.0.2.03300 2010.09.12 -
Emsisoft 5.0.0.37 2010.09.12 -
eSafe 7.0.17.0 2010.09.07 -
eTrust-Vet 36.1.7850 2010.09.12 -
F-Prot 4.6.1.107 2010.09.11 -
F-Secure 9.0.15370.0 2010.09.11 -
Fortinet 4.1.143.0 2010.09.12 -
[B]GData 21 2010.09.12 - [COLOR="Red"]Gen:Variant.Kazy.351[/COLOR][/B]
Ikarus T3.1.1.88.0 2010.09.12 -
Jiangmin 13.0.900 2010.09.12 -
K7AntiVirus 9.63.2496 2010.09.11 -
Kaspersky 7.0.0.125 2010.09.12 -
McAfee 5.400.0.1158 2010.09.12 -
McAfee-GW-Edition 2010.1B 2010.09.12 -
Microsoft 1.6103 2010.09.12 -
NOD32 5443 2010.09.11 -
Norman 6.06.06 2010.09.12 -
[B]nProtect 2010-09-12.01 2010.09.12 - [COLOR="Red"]Gen:Variant.Kazy.351[/COLOR][/B]
Panda 10.0.2.7 2010.09.11 -
PCTools 7.0.3.5 2010.09.12 -
Prevx 3.0 2010.09.12 -
Rising 22.64.06.00 2010.09.12 -
Sophos 4.57.0 2010.09.12 -
Sunbelt 6865 2010.09.12 -
SUPERAntiSpyware 4.40.0.1006 2010.09.12 -
Symantec 20101.1.1.7 2010.09.12 -
TheHacker 6.7.0.0.015 2010.09.11 -
TrendMicro 9.120.0.1004 2010.09.11 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.12 -
VBA32 3.12.14.0 2010.09.08 -
ViRobot 2010.9.8.4031 2010.09.11 -
VirusBuster 12.65.1.1 2010.09.11 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=aa47e4173917fd122284cbe792adf82e902f53b91c415d2371a7b1c5dbc1f65e-1284282021"]virustotal.com[/URL]
-
File name: [B]aaax.exe[/B]
Submission date: 2010-09-14 13:29:11 (UTC)
Result: 12/ 42 (28.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.09.13.00 2010.09.13 -
[B]AntiVir 8.2.4.52 2010.09.14 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2010.09.14 -
[B]Authentium 5.2.0.5 2010.09.14 W32/Sality.C.gen!Eldorado[/B]
Avast 4.8.1351.0 2010.09.14 -
Avast5 5.0.594.0 2010.09.14 -
[B]AVG 9.0.0.851 2010.09.14 Win32/Sality.dropper[/B]
BitDefender 7.2 2010.09.14 -
[B]CAT-QuickHeal 11.00 2010.09.14 (Suspicious) - DNAScan[/B]
ClamAV 0.96.2.0-git 2010.09.14 -
[B]Comodo 6073 2010.09.14 Win32.Kashu.RA[/B]
DrWeb 5.0.2.03300 2010.09.14 -
eSafe 7.0.17.0 2010.09.14 -
eTrust-Vet 36.1.7854 2010.09.14 -
[B]F-Prot 4.6.1.107 2010.09.13 W32/Sality.C.gen!Eldorado[/B]
F-Secure 9.0.15370.0 2010.09.14 -
Fortinet 4.1.143.0 2010.09.13 -
GData 21 2010.09.14 -
Ikarus T3.1.1.88.0 2010.09.14 -
[B]Jiangmin 13.0.900 2010.09.14 Trojan/Inject.lyc
K7AntiVirus 9.63.2502 2010.09.14 Virus[/B]
Kaspersky 7.0.0.125 2010.09.14 -
[B]McAfee 5.400.0.1158 2010.09.14 Suspect-D!F0768E5884FC[/B]
McAfee-GW-Edition 2010.1B 2010.09.14 -
Microsoft 1.6103 2010.09.14 -
NOD32 5450 2010.09.14 -
[B]Norman 6.06.06 2010.09.14 Crypt.dam[/B]
nProtect 2010-09-14.01 2010.09.14 -
Panda 10.0.2.7 2010.09.14 -
PCTools 7.0.3.5 2010.09.14 -
Prevx 3.0 2010.09.14 -
[B]Rising 22.65.01.04 2010.09.14 Packer.Win32.Agent.bp[/B]
Sophos 4.57.0 2010.09.14 -
Sunbelt 6874 2010.09.14 -
SUPERAntiSpyware 4.40.0.1006 2010.09.14 -
Symantec 20101.1.1.7 2010.09.14 -
TheHacker 6.7.0.0.017 2010.09.14 -
TrendMicro 9.120.0.1004 2010.09.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.14 -
VBA32 3.12.14.0 2010.09.14 -
[B]ViRobot 2010.8.25.4006 2010.09.14 Trojan.Win32.Sality.103140[/B]
VirusBuster 12.65.5.0 2010.09.14 -[/QUOTE]
Additional information
MD5 : f0768e5884fc208ffe808b951163ba0f
SHA1 : ffdc12d0d505247b9c33dbd7975fc6c718072c0c
SHA256: 8e874aaba072a531f135ff75cb422ddf1796386f9aa4c5b0aafde99859a4555d
The link is to a different file, but the result is the same: [URL="http://www.virustotal.com/file-scan/report.html?id=4e5a455dd7eece22991ea1c4ca48524a96a702a9dafd7005bea053f7fcbd678e-1284509311"]http://www.virustotal.com/file-scan/report.html?id=4e5a455dd7eece22991ea1c4ca48524a96a702a9dafd7005bea053f7fcbd678e-1284509311[/URL]
-
File name: [B]46783848.exe[/B]
Submission date: 2010-09-17 01:38:30 (UTC)
Current status: finished
Result: 5 /43 (11.6%)
[QUOTE]
Antivirus Version Last Update Result
AhnLab-V3 2010.09.17.00 2010.09.16 -
AntiVir 8.2.4.52 2010.09.16 -
Antiy-AVL 2.0.3.7 2010.09.17 -
Authentium 5.2.0.5 2010.09.17 -
Avast 4.8.1351.0 2010.09.17 -
Avast5 5.0.594.0 2010.09.17 -
AVG 9.0.0.851 2010.09.16 -
BitDefender 7.2 2010.09.17 -
CAT-QuickHeal 11.00 2010.09.16 -
ClamAV 0.96.2.0-git 2010.09.17 -
[B]Comodo 6103 2010.09.17 TrojWare.Win32.Hoax.Archsms.~dy01[/B]
DrWeb 5.0.2.03300 2010.09.17 -
[B]Emsisoft 5.0.0.37 2010.09.17 Hoax.Win32.ArchSMS!IK[/B]
eSafe 7.0.17.0 2010.09.17 -
eTrust-Vet 36.1.7860 2010.09.16 -
F-Prot 4.6.1.107 2010.09.16 -
F-Secure 9.0.15370.0 2010.09.17 -
Fortinet 4.1.143.0 2010.09.16 -
GData 21 2010.09.17 -
[B]Ikarus T3.1.1.88.0 2010.09.17 Hoax.Win32.ArchSMS[/B]
Jiangmin 13.0.900 2010.09.16 -
K7AntiVirus 9.63.2533 2010.09.16 -
Kaspersky 7.0.0.125 2010.09.17 -
McAfee 5.400.0.1158 2010.09.17 -
McAfee-GW-Edition 2010.1C 2010.09.16 -
Microsoft 1.6201 2010.09.17 -
NOD32 5456 2010.09.16 -
Norman 6.06.06 2010.09.16 -
nProtect 2010-09-16.02 2010.09.16 -
[B]Panda 10.0.2.7 2010.09.16 Suspicious file[/B]
PCTools 7.0.3.5 2010.09.17 -
[B]Prevx 3.0 2010.09.17 High Risk Cloaked Malware[/B]
Rising 22.65.03.04 2010.09.16 -
Sophos 4.57.0 2010.09.17 -
Sunbelt 6884 2010.09.16 -
SUPERAntiSpyware 4.40.0.1006 2010.09.17 -
Symantec 20101.1.1.7 2010.09.17 -
TheHacker 6.7.0.0.020 2010.09.17 -
TrendMicro 9.120.0.1004 2010.09.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.17 -
VBA32 3.12.14.0 2010.09.16 -
ViRobot 2010.8.25.4006 2010.09.16 -
VirusBuster 12.65.10.0 2010.09.16 -
[/QUOTE]
MD5 : e5b1361486d00fdfe6634479451243d8
SHA1 : deba9fc19b4a1af4a36f7cd76f6ddc6e5172e589
SHA256: ed2f90b7865632f213489fc6c29696e206a5c4f5e82b813df2fbc852d1da6db2
File size : 8253956 bytes
First seen: 2010-09-17 01:21:44
Last seen : 2010-09-17 02:14:57
[url]http://www.virustotal.com/file-scan/report.html?id=ed2f90b7865632f213489fc6c29696e206a5c4f5e82b813df2fbc852d1da6db2-1284689697[/url]
-
File name: [B]avz00001.dta[/B]
Submission date: 2010-09-20 08:55:28 (UTC)
Result: [B][COLOR="Red"]4 [/COLOR]/43 (9.3%)[/B]
[CODE]AhnLab-V3 2010.09.20.00 2010.09.20 -
AntiVir 8.2.4.58 2010.09.20 -
Antiy-AVL 2.0.3.7 2010.09.20 -
Authentium 5.2.0.5 2010.09.20 -
Avast 4.8.1351.0 2010.09.19 -
Avast5 5.0.594.0 2010.09.19 -
AVG 9.0.0.851 2010.09.19 -
BitDefender 7.2 2010.09.20 -
CAT-QuickHeal 11.00 2010.09.20 -
ClamAV 0.96.2.0-git 2010.09.20 -
Comodo 6138 2010.09.20 -
[B]DrWeb 5.0.2.03300 2010.09.20 Trojan.WinSpy.935[/B]
Emsisoft 5.0.0.37 2010.09.20 -
eSafe 7.0.17.0 2010.09.17 -
eTrust-Vet 36.1.7862 2010.09.17 -
F-Prot 4.6.2.117 2010.09.19 -
F-Secure 9.0.15370.0 2010.09.20 -
Fortinet 4.1.143.0 2010.09.20 -
GData 21 2010.09.20 -
Ikarus T3.1.1.88.0 2010.09.20 -
Jiangmin 13.0.900 2010.09.20 -
K7AntiVirus 9.63.2552 2010.09.18 -
Kaspersky 7.0.0.125 2010.09.20 -
[B]McAfee 5.400.0.1158 2010.09.20 Artemis!B346F01B0FDC
McAfee-GW-Edition 2010.1C 2010.09.20 Artemis!B346F01B0FDC[/B]
Microsoft 1.6201 2010.09.20 -
NOD32 5462 2010.09.19 -
Norman 6.06.06 2010.09.19 -
nProtect 2010-09-20.02 2010.09.20 -
Panda 10.0.2.7 2010.09.19 -
PCTools 7.0.3.5 2010.09.20 -
Prevx 3.0 2010.09.20 -
Rising 22.66.00.01 2010.09.20 -
Sophos 4.57.0 2010.09.20 -
Sunbelt 6898 2010.09.20 -
SUPERAntiSpyware 4.40.0.1006 2010.09.20 -
[B]Symantec 20101.1.1.7 2010.09.20 WS.Reputation.1[/B]
TheHacker 6.7.0.0.025 2010.09.20 -
TrendMicro 9.120.0.1004 2010.09.19 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.20 -
VBA32 3.12.14.0 2010.09.20 -
ViRobot 2010.9.20.4051 2010.09.20 -
VirusBuster 12.65.14.0 2010.09.19 -[/CODE]
Additional information
MD5 : b346f01b0fdcecf5caf4530a947a6a3e
File size : 11264 bytes
Registers itself in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls
Lives in C:\Program Files\Internet Explorer\setupapi.dll
[url]http://www.virustotal.com/file-scan/report.html?id=458a68e322993fc7b10294563021511f1cb2539351253775ce83dc90cb163079-1284972928[/url]
File name: [B]0.4412461684318797.exe[/B]
Submission date: 2010-09-20 10:19:01 (UTC)
Result: [B][COLOR="Red"]4 [/COLOR]/42 (9.5%)[/B]
[CODE]AhnLab-V3 2010.09.20.00 2010.09.20 -
AntiVir 8.2.4.58 2010.09.20 -
Antiy-AVL 2.0.3.7 2010.09.20 -
Authentium 5.2.0.5 2010.09.20 -
Avast 4.8.1351.0 2010.09.19 -
Avast5 5.0.594.0 2010.09.19 -
AVG 9.0.0.851 2010.09.20 -
BitDefender 7.2 2010.09.20 -
CAT-QuickHeal 11.00 2010.09.20 -
ClamAV 0.96.2.0-git 2010.09.20 -
Comodo 6140 2010.09.20 -
[B]DrWeb 5.0.2.03300 2010.09.20 Trojan.MulDrop1.44194[/B]
Emsisoft 5.0.0.37 2010.09.20 -
eSafe 7.0.17.0 2010.09.17 -
eTrust-Vet 36.1.7862 2010.09.17 -
F-Prot 4.6.2.117 2010.09.19 -
F-Secure 9.0.15370.0 2010.09.20 -
Fortinet 4.1.143.0 2010.09.20 -
GData 21 2010.09.20 -
Ikarus T3.1.1.88.0 2010.09.20 -
Jiangmin 13.0.900 2010.09.20 -
K7AntiVirus 9.63.2552 2010.09.18 -
Kaspersky 7.0.0.125 2010.09.20 -
[B]McAfee 5.400.0.1158 2010.09.20 Artemis!5AA44AB48913
McAfee-GW-Edition 2010.1C 2010.09.20 Artemis!5AA44AB48913[/B]
Microsoft 1.6201 2010.09.20 -
NOD32 5463 2010.09.20 -
Norman 6.06.06 2010.09.20 -
nProtect 2010-09-20.02 2010.09.20 -
Panda 10.0.2.7 2010.09.19 -
PCTools 7.0.3.5 2010.09.20 -
Prevx 3.0 2010.09.20 -
Rising 22.66.00.03 2010.09.20 -
Sophos 4.57.0 2010.09.20 -
SUPERAntiSpyware 4.40.0.1006 2010.09.20 -
Symantec 20101.1.1.7 2010.09.20 -
TheHacker 6.7.0.0.025 2010.09.20 -
TrendMicro 9.120.0.1004 2010.09.20 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.20 -
[B]VBA32 3.12.14.0 2010.09.20 BScope.Crex[/B]
ViRobot 2010.9.20.4051 2010.09.20 -
VirusBuster 12.65.14.0 2010.09.19 -[/CODE]
Additional information
MD5 : 5aa44ab48913e82572a428b1b14e9941
File size : 94792 bytes
[url]http://www.virustotal.com/file-scan/report.html?id=347c8bebef7c75a03e3a11829f605f6de0499baebf480baac53c18f36ab2c22d-1284977941[/url]
-
new
[QUOTE]
AhnLab-V3 2010.10.01.00 2010.09.30 -
AntiVir 7.10.12.92 2010.09.30 [B]TR/Spy.513024.20[/B]
Antiy-AVL 2.0.3.7 2010.09.30 -
Authentium 5.2.0.5 2010.09.30 -
Avast 4.8.1351.0 2010.09.30 -
Avast5 5.0.594.0 2010.09.30 -
AVG 9.0.0.851 2010.09.30 -
BitDefender 7.2 2010.09.30 [B]Gen:Trojan.Heur.TP.Fm0@biX1I!h[/B]
CAT-QuickHeal 11.00 2010.09.30 -
ClamAV 0.96.2.0-git 2010.09.30 -
Comodo 6246 2010.09.30 -
DrWeb 5.0.2.03300 2010.09.30 [B]Win32.Dat.8[/B]
Emsisoft 5.0.0.50 2010.09.30 -
eSafe 7.0.17.0 2010.09.30 -
eTrust-Vet 36.1.7885 2010.09.30 -
F-Prot 4.6.2.117 2010.09.30 -
F-Secure 9.0.15370.0 2010.09.30 [B]Gen:Trojan.Heur.TP.Fm0@biX1I!h[/B]
Fortinet 4.1.143.0 2010.09.30 -
GData 21 2010.09.30 [B]Gen:Trojan.Heur.TP.Fm0@biX1I!h[/B]
Ikarus T3.1.1.90.0 2010.09.30 -
Jiangmin 13.0.900 2010.09.30 -
K7AntiVirus 9.63.2648 2010.09.30 -
Kaspersky 7.0.0.125 2010.09.30 -
McAfee 5.400.0.1158 2010.09.30 -
McAfee-GW-Edition 2010.1C 2010.09.30 -
Microsoft 1.6201 2010.09.30 [B]Virus:Win32/Bamital.E[/B]
NOD32 5493 2010.09.30 -
Norman 6.06.07 2010.09.30 -
nProtect 2010-09-30.01 2010.09.30 [B]Trojan-Downloader/W32.Small.513024[/B]
Panda 10.0.2.7 2010.09.30 -
PCTools 7.0.3.5 2010.09.30 -
Prevx 3.0 2010.09.30 [B]Medium Risk Malware[/B]
Rising 22.67.02.07 2010.09.30 -
Sophos 4.58.0 2010.09.30 [B]Troj/Patched-O[/B]
Sunbelt 6951 2010.09.30 -
SUPERAntiSpyware 4.40.0.1006 2010.09.30 -
Symantec 20101.2.0.161 2010.09.30 -
TheHacker 6.7.0.1.041 2010.09.30 -
TrendMicro 9.120.0.1004 2010.09.30 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.30 -
VBA32 3.12.14.1 2010.09.27 -
ViRobot 2010.8.31.4017 2010.09.30 -
VirusBuster 12.66.8.0 2010.09.30 -
[/QUOTE]
-
File name:
prezidente.exe
Result:
18/ 43 (41.9%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2010.11.02.00 2010.11.01 Win32/Palevo.worm.104960.CV[/B]
AntiVir 7.10.13.104 2010.11.02 -
Antiy-AVL 2.0.3.7 2010.11.02 -
[B]Authentium 5.2.0.5 2010.11.02 W32/SuspPack.CT.gen!Eldorado
Avast 4.8.1351.0 2010.11.02 Win32:Crypt-HXJ
Avast5 5.0.594.0 2010.11.02 Win32:Crypt-HXJ
AVG 9.0.0.851 2010.11.02 Cryptic.BEB
BitDefender 7.2 2010.11.02 Gen:Variant.Kazy.2381[/B]
CAT-QuickHeal 11.00 2010.10.26 -
ClamAV 0.96.2.0-git 2010.11.02 -
[B]Comodo 6589 2010.11.02 TrojWare.Win32.Kryptik.HSQ
DrWeb 5.0.2.03300 2010.11.02 Trojan.Packed.21155[/B]
Emsisoft 5.0.0.50 2010.11.02 -
eSafe 7.0.17.0 2010.11.02 -
eTrust-Vet 36.1.7950 2010.11.02 -
[B]F-Prot 4.6.2.117 2010.11.01 W32/SuspPack.CT.gen!Eldorado
F-Secure 9.0.16160.0 2010.11.02 Gen:Variant.Kazy.2381[/B]
Fortinet 4.2.249.0 2010.11.02 -
[B]GData 21 2010.11.02 Gen:Variant.Kazy.2381[/B]
Ikarus T3.1.1.90.0 2010.11.02 -
Jiangmin 13.0.900 2010.11.02 -
K7AntiVirus 9.67.2882 2010.11.01 -
Kaspersky 7.0.0.125 2010.11.02 -
[B]McAfee 5.400.0.1158 2010.11.02 W32/Rimecud.gen.i[/B]
McAfee-GW-Edition 2010.1C 2010.11.02 -
[B]Microsoft 1.6301 2010.11.02 Trojan:Win32/Rimecud.A
NOD32 5585 2010.11.02 a variant of Win32/Kryptik.HSQ[/B]
Norman 6.06.10 2010.11.02 -
[B]nProtect 2010-11-02.01 2010.11.02 Gen:Variant.Kazy.2381
Panda 10.0.2.7 2010.11.01 Suspicious file[/B]
PCTools 7.0.3.5 2010.11.02 -
Prevx 3.0 2010.11.02 -
Rising 22.72.00.03 2010.11.02 -
[B]Sophos 4.59.0 2010.11.02 Sus/EncPk-CC[/B]
Sunbelt 7194 2010.11.02 -
SUPERAntiSpyware 4.40.0.1006 2010.11.02 -
Symantec 20101.2.0.161 2010.11.02 -
TheHacker 6.7.0.1.075 2010.11.02 -
TrendMicro 9.120.0.1004 2010.11.02 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.02 -
VBA32 3.12.14.1 2010.11.01 -
[B]ViRobot 2010.10.4.4074 2010.11.02 -
VirusBuster 12.70.16.0 2010.11.02 Trojan.Kryptik.BQEX[/B][/QUOTE]
Additional information
MD5 : 7b3106352b39e89c90530c88bd988c9b
SHA1 : 0084583548833f9226c457f5fd1dfb8fc3675951
SHA256: 03aed9a2f086b375e63a3e7746c4e0195cdc39dba92db06ab1bc655bb5ba90c3
-
services.exe
caught from C:\WINDOWS\services.exe
File name:
5F794DBB00F819FDA47200416C5FF600407A70C3.exe
Submission date:
2010-11-10 13:23:02 (UTC)
Current status:
finished
Result:
5 /43 (11.6%)
Antivirus Version Last Update Result
AhnLab-V3 2010.11.10.02 2010.11.10 -
AntiVir 7.10.13.201 2010.11.10 -
Antiy-AVL 2.0.3.7 2010.11.10 -
Authentium 5.2.0.5 2010.11.10 -
Avast 4.8.1351.0 2010.11.10 -
Avast5 5.0.594.0 2010.11.10 -
AVG 9.0.0.851 2010.11.10 Generic20.CD
BitDefender 7.2 2010.11.10 -
CAT-QuickHeal 11.00 2010.11.09 Win32.Backdoor.PoisonIvy.ay3
ClamAV 0.96.4.0 2010.11.10 -
Comodo 6674 2010.11.10 -
DrWeb 5.0.2.03300 2010.11.10 -
Emsisoft 5.0.0.50 2010.11.10 -
eSafe 7.0.17.0 2010.11.09 -
eTrust-Vet 36.1.7966 2010.11.10 -
F-Prot 4.6.2.117 2010.11.09 -
F-Secure 9.0.16160.0 2010.11.10 -
Fortinet 4.2.249.0 2010.11.10 -
GData 21 2010.11.10 -
Ikarus T3.1.1.90.0 2010.11.10 -
Jiangmin 13.0.900 2010.11.10 -
K7AntiVirus 9.67.2940 2010.11.09 -
Kaspersky 7.0.0.125 2010.11.10 -
McAfee 5.400.0.1158 2010.11.10 -
McAfee-GW-Edition 2010.1C 2010.11.10 Heuristic.BehavesLike.Win32.Suspicious.D
Microsoft 1.6301 2010.11.10 Spammer:Win32/Tedroo.I
NOD32 5606 2010.11.10 -
Norman 6.06.10 2010.11.10 -
nProtect 2010-11-10.01 2010.11.10 -
Panda 10.0.2.7 2010.11.09 Adware/SecurityTool
PCTools 7.0.3.5 2010.11.10 -
Prevx 3.0 2010.11.10 -
Rising 22.73.02.06 2010.11.10 -
Sophos 4.59.0 2010.11.10 -
Sunbelt 7270 2010.11.10 -
SUPERAntiSpyware 4.40.0.1006 2010.11.10 -
Symantec 20101.2.0.161 2010.11.10 -
TheHacker 6.7.0.1.081 2010.11.10 -
TrendMicro 9.120.0.1004 2010.11.10 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.10 -
VBA32 3.12.14.1 2010.11.09 -
ViRobot 2010.10.30.4121 2010.11.10 -
VirusBuster 12.72.5.0 2010.11.09 -
Additional information
MD5 : bdac41e7090e56aceaef2b9d7330a40d
SHA1 : 401905ec1005c0a8d653d2973d9fb8c23a56386a
SHA256: 4dd48539837a40aeced0db52409fa4c044a2abc281f2c35369c7a31a4fd64dcf
-
File name:
usrinit.exe
Submission date:
2010-11-13 07:36:28 (UTC)
Result:
28/ 43 (65.1%)
[B]The day before yesterday KIS still did not know about this nasty thing. The screen shows a request to send money to a Beeline mobile number. It had been added to the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, in the Userinit value[/B]
[QUOTE]
Antivirus Version Last Update Result
[B]AhnLab-V3 2010.11.13.00 2010.11.12 Malware/Win32.Generic
AntiVir 7.10.13.235 2010.11.12 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2010.11.13 -
Authentium 5.2.0.5 2010.11.13 -
[B]Avast 4.8.1351.0 2010.11.12 Win32:Malware-gen
Avast5 5.0.594.0 2010.11.12 Win32:Malware-gen
AVG 9.0.0.851 2010.11.12 Dropper.Generic2.BTBU
BitDefender 7.2 2010.11.13 Trojan.Generic.KDV.62930[/B]
CAT-QuickHeal 11.00 2010.11.09 -
[B]ClamAV 0.96.4.0 2010.11.13 BC.Heuristic.Trojan.SusPacked.BF-6.B[/B]
[B]Comodo 6703 2010.11.13 Heur.Suspicious
DrWeb 5.0.2.03300 2010.11.13 Trojan.Inject.13011
Emsisoft 5.0.0.50 2010.11.13 Trojan.Win32.Calelk!IK
eSafe 7.0.17.0 2010.11.11 Win32.TRDropper[/B]
eTrust-Vet 36.1.7973 2010.11.13 -
F-Prot 4.6.2.117 2010.11.13 -
[B]F-Secure 9.0.16160.0 2010.11.13 Trojan.Generic.KDV.62930
Fortinet 4.2.249.0 2010.11.12 W32/Refroso.JUA!tr
GData 21 2010.11.13 Trojan.Generic.KDV.62930
Ikarus T3.1.1.90.0 2010.11.13 Trojan.Win32.Calelk[/B]
Jiangmin 13.0.900 2010.11.13 -
[B]K7AntiVirus 9.67.2973 2010.11.12 Riskware
Kaspersky 7.0.0.125 2010.11.13 Trojan-Dropper.Win32.VB.arml
McAfee 5.400.0.1158 2010.11.13 Generic.dx!uqb
McAfee-GW-Edition 2010.1C 2010.11.12 Generic.dx!uqb
Microsoft 1.6301 2010.11.13 Trojan:Win32/Calelk.A
NOD32 5616 2010.11.13 a variant of Win32/Injector.DNO
Norman 6.06.10 2010.11.12 W32/Obfuscated.N!genr
nProtect 2010-11-13.01 2010.11.13 Trojan.Generic.KDV.62930
Panda 10.0.2.7 2010.11.12 Trj/CI.A[/B]
PCTools 7.0.3.5 2010.11.13 -
Prevx 3.0 2010.11.13 -
[B]Rising 22.73.03.06 2010.11.12 Trojan.Win32.Generic.52467B5E
Sophos 4.59.0 2010.11.13 Mal/Koobface-G
Sunbelt 7296 2010.11.13 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.11.13 Trojan.Agent/Gen-Koobface[Bonkers][/B]
Symantec 20101.2.0.161 2010.11.13 -
TheHacker 6.7.0.1.083 2010.11.13 -
TrendMicro 9.120.0.1004 2010.11.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.13 -
VBA32 3.12.14.2 2010.11.12 -
ViRobot 2010.11.13.4145 2010.11.13 -
VirusBuster 12.75.1.0 2010.11.12 -[/QUOTE]
Additional information
MD5 : 965ba42d98350532e4365f3fc4e7455e
SHA1 : 34eb0da8cabe535714e9f0112f99982969fc1516
SHA256: 2782073aa45e702c2cdc4f15f861df79611cb595922d40b0424e2bb57b497eea
-
Damn, I was wondering why my PC was glitching; I had taken Kaspersky for a test run...
Most likely for the last time...
[QUOTE]File name:
000057721_FOUND.000.exe
Submission date:
2010-04-05 03:53:08 (UTC)
Current status:
finished
Result:
39 /42 (92.9%)
VT Community
not reviewed
Safety score: -
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.04.05 IM-Worm.Win32.VB!IK
AhnLab-V3 5.0.0.2 2010.04.03 Win32/Cogduni.worm.61440
AntiVir 7.10.6.24 2010.04.03 BDS/Pakes
Antiy-AVL 2.0.3.7 2010.04.02 -
Authentium 5.2.0.5 2010.04.04 W32/Lurka.A
Avast 4.8.1351.0 2010.04.04 Win32:Trojan-gen
Avast5 5.0.332.0 2010.04.04 Win32:Trojan-gen
AVG 9.0.0.787 2010.04.04 BackDoor.Bifrose.EU
BitDefender 7.2 2010.04.05 Backdoor.Agent.YPB
CAT-QuickHeal 10.00 2010.04.03 Worm.SillyFDC.gen
ClamAV 0.96.0.0-git 2010.04.03 W32.Virut.Gen.D-61
Comodo 4502 2010.04.05 Worm.Win32.VB.NJO0
DrWeb 5.0.2.03300 2010.04.05 Trojan.MulDrop.8034
eSafe 7.0.17.0 2010.04.01 Win32.WormWinNTLurka
eTrust-Vet 35.2.7405 2010.04.02 Win32/Lurka.A
F-Prot 4.5.1.85 2010.04.04 W32/Lurka.A
F-Secure 9.0.15370.0 2010.04.05 Backdoor.Agent.YPB
Fortinet 4.0.14.0 2010.04.04 W32/Lurker.A
GData 19 2010.04.05 Backdoor.Agent.YPB
Ikarus T3.1.1.80.0 2010.04.05 IM-Worm.Win32.VB
Jiangmin 13.0.900 2010.04.04 Win32/lurker.a
K7AntiVirus 7.10.1004 2010.03.22 Virus.Win32.Virut.Generic
Kaspersky 7.0.0.125 2010.04.05 -
McAfee 5937 2010.03.31 W32/Lurka.a
McAfee+Artemis 5937 2010.03.31 W32/Lurka.a
McAfee-GW-Edition 6.8.5 2010.04.03 Trojan.Backdoor.Pakes
Microsoft 1.5605 2010.04.04 Virus:Win32/Lurka.A
NOD32 4999 2010.04.04 a variant of Win32/VB.NJO
Norman 6.04.10 2010.04.03 W32/Lurker.B
nProtect 2009.1.8.0 2010.04.04 Backdoor.Agent.YPB
Panda 10.0.2.2 2010.04.04 -
PCTools 7.0.3.5 2010.04.05 Malware.Lurkasys
Prevx 3.0 2010.04.05 High Risk Cloaked Malware
Rising 22.41.04.05 2010.04.02 Worm.VB.aii
Sophos 4.52.0 2010.04.05 W32/Lurka-A
Sunbelt 6138 2010.04.05 Virus.Win32.Virut.b (v)
Symantec 20091.2.0.41 2010.04.05 W32.Lurkasys.A!inf
TheHacker 6.5.2.0.252 2010.04.05 W32/Lurka.A
TrendMicro 9.120.0.1004 2010.04.04 PE_LURKER.A
VBA32 3.12.12.4 2010.04.02 SScope.Backdoor.Bifrose.ago
ViRobot 2010.4.3.2259 2010.04.04 I-Worm.Win32.Generic.61440
VirusBuster 5.0.27.0 2010.04.04 Win32.Lurka.H
Additional information
MD5 : db8ecedc7b0080d146f21308a6fe019a
SHA1 : 4bd76d23077d0ce35668843bb3eec270a8d95852
SHA256: 1e281ae1c8cfb658222b3f3948fdf9b7b529d6a9ed5df0295a34ad9c67808ae7
ssdeep: 6144:D87jogxu/xzDegxu/xzDWGd6gxu/xzDocNgxu/xzDPfyFmL6wgxu/xzD:HniniDnPNnLf4
2/n
File size : 831488 bytes
First seen: 2010-04-05 03:53:08
Last seen : 2010-04-05 03:53:08
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID:
Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: v
copyright....: n/a
product......: v
description..: n/a
original name: windown_update.exe
internal name: windown_update
file version.: 1.00
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x10EC
timedatestamp....: 0x1A197200 (Thu Nov 17 00:00:00 1983)
machinetype......: 0x14C (Intel I386)
[[ 3 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0xB10C, 0xC000, 4.97, dc120d6c2d669975993d9735d751d60c
.data, 0xD000, 0x14D8, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e
.rsrc, 0xF000, 0xBD125, 0xBE000, 4.06, d97386c600d5b7ae518d4cebf82e2ec4
[[ 1 import(s) ]]
msvbvm60.dll: MethCallEngine, -, -, -, EVENT_SINK_AddRef, -, -, DllFunctionCall, EVENT_SINK_Release, -, EVENT_SINK_QueryInterface, __vbaExceptHandler, -, -, ProcCallEngine, -, -, -, -, -, -, -, -[/QUOTE]
[size="1"][color="#666686"][B][I]Added 3 hours 38 minutes later[/I][/B][/color][/size]
And this marvel arrived in an email, as a gift...
[QUOTE]File name:
1.exe
Submission date:
2010-11-15 08:03:00 (UTC)
Current status:
finished
Result:
4 /43 (9.3%)
VT Community
malware
Safety score: 0.0%
Antivirus Version Last Update Result
AhnLab-V3 2010.11.15.00 2010.11.14 -
AntiVir 7.10.13.238 2010.11.14 -
Antiy-AVL 2.0.3.7 2010.11.15 -
Authentium 5.2.0.5 2010.11.15 -
Avast 4.8.1351.0 2010.11.14 -
Avast5 5.0.594.0 2010.11.14 -
AVG 9.0.0.851 2010.11.15 -
BitDefender 7.2 2010.11.15 -
CAT-QuickHeal 11.00 2010.11.09 -
ClamAV 0.96.4.0 2010.11.15 -
Comodo 6724 2010.11.15 -
DrWeb 5.0.2.03300 2010.11.15 Trojan.Siggen2.8259
Emsisoft 5.0.0.50 2010.11.15 -
eSafe 7.0.17.0 2010.11.14 -
eTrust-Vet 36.1.7976 2010.11.15 -
F-Prot 4.6.2.117 2010.11.15 -
F-Secure 9.0.16160.0 2010.11.15 -
Fortinet 4.2.249.0 2010.11.14 -
GData 21 2010.11.15 -
Ikarus T3.1.1.90.0 2010.11.15 -
Jiangmin 13.0.900 2010.11.15 -
K7AntiVirus 9.67.2973 2010.11.12 -
Kaspersky 7.0.0.125 2010.11.15 -
McAfee 5.400.0.1158 2010.11.15 -
McAfee-GW-Edition 2010.1C 2010.11.15 -
Microsoft 1.6301 2010.11.15 -
NOD32 5619 2010.11.14 a variant of Win32/Kryptik.IDZ
Norman 6.06.10 2010.11.14 -
nProtect 2010-11-15.01 2010.11.15 -
Panda 10.0.2.7 2010.11.14 -
PCTools 7.0.3.5 2010.11.15 -
Prevx 3.0 2010.11.15 High Risk Cloaked Malware
Rising 22.73.06.01 2010.11.15 -
Sophos 4.59.0 2010.11.15 -
Sunbelt 7314 2010.11.15 -
SUPERAntiSpyware 4.40.0.1006 2010.11.15 Trojan.Agent/Gen-Fuffan
Symantec 20101.2.0.161 2010.11.15 -
TheHacker 6.7.0.1.083 2010.11.15 -
TrendMicro 9.120.0.1004 2010.11.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.15 -
VBA32 3.12.14.2 2010.11.12 -
ViRobot 2010.11.15.4147 2010.11.15 -
VirusBuster 12.75.3.0 2010.11.14 -[/QUOTE]