-
Файл Patch_AML_v472_b30400.exe получен 2009.01.02 04:09:50 (CET)
Текущий статус: закончено
Результат: 14/38 (36.85%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2008.12.31 -
AhnLab-V3 2008.12.31.0 2009.01.01 -
AntiVir 7.9.0.45 2009.01.01 -
[B]Authentium 5.1.0.4 2009.01.01 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.01 Win32:Adware-gen[/B]
AVG 8.0.0.199 2008.12.31 -
BitDefender 7.2 2009.01.02 -
[B]CAT-QuickHeal 10.00 2009.01.02 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.01.02 -
Comodo 851 2008.12.31 -
DrWeb 4.44.0.09170 2009.01.02 -
eTrust-Vet 31.6.6287 2009.01.01 -
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2008.12.30 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.02 AdWare.Win32.Zhongsou.l
Fortinet 3.117.0.0 2009.01.02 Adware/Zhongsou
GData 19 2008.12.31 Win32:Adware-gen [/B]
Ikarus T3.1.1.45.0 2009.01.02 -
K7AntiVirus 7.10.572 2008.12.31 -
[B]Kaspersky 7.0.0.125 2009.01.02 not-a-virus:AdWare.Win32.Zhongsou.l[/B]
McAfee 5481 2009.01.02 -
[B]McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic!Artemis[/B]
Microsoft 1.4205 2009.01.01 -
NOD32 3725 2008.12.31 -
[B]Norman 5.80.02 2009.01.01 W32/Zhongsou.DF[/B]
Panda 9.0.0.4 2009.01.01 -
PCTools 4.4.2.0 2008.12.31 -
Prevx1 V2 2009.01.02 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Win32.Malware.gen (suspicious)[/B]
Sophos 4.37.0 2009.01.02 -
[B]Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious[/B]
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
[B]VBA32 3.12.8.10 2009.01.01 AdWare.Win32.Zhongsou.l
ViRobot 2008.12.30.1540 2008.12.31 Adware.Zhongsou.411648[/B]
VirusBuster 4.5.11.0 2009.01.01 -[/QUOTE]
Дополнительная информация
File size: 411648 bytes
MD5...: f0cfc6ddbcf829cbeae1e1978e0d7d50
SHA1..: 8f1f1727c1481ac551409972bd7bb2c236fd77ff
SHA256: fecb0a5defe81c65665af042ce058786e49aaa3ee3de7388fa24196947ed1808
SHA512: 61c15d34efa6c62979978af2518c1596a258ae0d683bc1e4fb0822d8e1f92265
69f439427be517587854d51808f0389006cdb23eeb192c1e0f8064884f4e9246
ssdeep: 12288:TZwCT33yW+yimmz2gXFo6nmNtTirdMwEoQK:twCDyW+W42WeTEdMw3d
PEiD..: ASProtect v1.23 RC1
-
bobmid.exe, caught on December 30 of last year.
[quote]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 MemScanTrojan.Downloader.JKFL!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.02 -
[B]AntiVir 7.9.0.45 2009.01.02 HEUR/Crypted[/B]
[B]Authentium 5.1.0.4 2009.01.02 W32/Heuristic-THX!Eldorado[/B]
[B]Avast 4.8.1281.0 2009.01.03 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.199 2009.01.02 -
BitDefender 7.2 2009.01.03 -
[B]CAT-QuickHeal 10.00 2009.01.03 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.01.03 -
Comodo 866 2009.01.02 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.02 W32/Heuristic-THX!Eldorado[/B]
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2009.01.03 Win32:Trojan-gen {Other}[/B]
[B]Ikarus T3.1.1.45.0 2009.01.03 MemScanTrojan.Downloader.JKFL[/B]
K7AntiVirus 7.10.572 2009.01.02 -
Kaspersky 7.0.0.125 2009.01.03 -
McAfee 5482 2009.01.02 -
McAfee+Artemis 5482 2009.01.02 -
Microsoft 1.4205 2009.01.03 -
NOD32 3733 2009.01.02 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.02 -
PCTools 4.4.2.0 2009.01.02 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Heuristic.Crypted[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/UnkPacker[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.02 -[/quote]
P.S. And what should one do with files that are 99.99% certain to be malware and yet are detected by no one? Upload them to virustotal every hour to see who adds them to their databases first? :)
-
Файл autorun21 получен 2009.01.03 14:25:56 (CET)
Текущий статус: закончено
Результат: 19/36 (52.78%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 Worm.Win32.AutoRun!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Autorun.LD
Authentium 5.1.0.4 2009.01.03 IS/Autorun
Avast 4.8.1281.0 2009.01.03 Win32:AutoRun-HL[/B]
AVG 8.0.0.199 2009.01.02 -
[B]BitDefender 7.2 2009.01.03 Trojan.Autorun.LD[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
[B]Comodo 869 2009.01.03 Win32.AutoRun.NS
DrWeb 4.44.0.09170 2009.01.03 Win32.HLLW.Autoruner.937
eTrust-Vet 31.6.6289 2009.01.02 INF/SillyAutorun.AE[/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 IS/Autorun[/B]
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2009.01.03 Trojan.Autorun.LD
Ikarus T3.1.1.45.0 2009.01.03 Worm.Win32.AutoRun[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.03 Worm.Win32.AutoRun.acm[/B]
McAfee 5482 2009.01.02 -
McAfee+Artemis 5482 2009.01.02 -
Microsoft 1.4205 2009.01.03 -
[B]NOD32 3733 2009.01.02 Win32/AutoRun.NS
Norman 5.80.02 2009.01.02 BAT/AutoRun.AE[/B]
Panda 9.0.0.4 2009.01.03 -
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Autorun.LD
Sophos 4.37.0 2009.01.03 W32/AutoRun-AC[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
[B]TheHacker 6.3.1.4.204 2009.01.02 Trojan/Small.autorun
TrendMicro 8.700.0.1004 2009.01.02 Mal_Otorun1[/B]
ViRobot 2009.1.3.1541 2009.01.03 -
[B]VirusBuster 4.5.11.0 2009.01.02 INF.Autorun.Gen[/B][/QUOTE]
Дополнительная информация
File size: 315 bytes
MD5...: 57a9674adaea24a4a7d9d33b77438141
SHA1..: d9730e3b9c8322cfd3d758c455a169c4d8ce8324
SHA256: 43e8a337f8aa86644f21d8c9f80ca5ff9a2240756037f86a397b43255167f0eb
SHA512: b3a5c92f240231da4796b30b4e9399487d19ef5cb64d28ac486a6098e55c0d91
980369f31665b59f5c9ed58404372dae655e25b49853f600f36828e08192d8b4
ssdeep: 6:e1KhiDqsrV6q0TMWcWuFH6voq6swZ1wZewWcWuFHHeCyry:ZwNyMRIw3wQwRne
-
Файл TXPlatform.exe получен 2009.01.03 17:29:29 (CET)
Текущий статус: закончено
Результат: 12/38 (31.58%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.03 -
[B]AhnLab-V3 2008.12.31.0 2009.01.03 Win32/MalPackedB.suspicious
AntiVir 7.9.0.45 2009.01.02 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Adware-gen
AVG 8.0.0.199 2009.01.02 Win32/Heur[/B]
[B]BitDefender 7.2 2009.01.03 Backdoor.Hupigon.AYGZ[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.03 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
F-Secure 8.0.14470.0 2009.01.03 -
[B]Fortinet 3.117.0.0 2009.01.03 suspicious
GData 19 2009.01.03 Backdoor.Hupigon.AYGZ[/B]
Ikarus T3.1.1.45.0 2009.01.03 -
K7AntiVirus 7.10.575 2009.01.03 -
Kaspersky 7.0.0.125 2009.01.03 -
McAfee 5483 2009.01.03 -
[B]McAfee+Artemis 5483 2009.01.03 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.03 -
[B]NOD32 3733 2009.01.02 a variant of Win32/Adware.Antivirus2008[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.03 Cloaked Malware[/B]
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.37.0 2009.01.03 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.03 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -
Дополнительная информация[/QUOTE]
[size="1"][color="#666686"][B][I]Added 6 minutes later[/I][/B][/color][/size]
Файл LBXQFASTABPDN.EXE получен 2009.01.03 17:38:55 (CET)
Текущий статус: закончено
Результат: 15/38 (39.48%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2008.12.31 Virus.Win32.Agent.OQV!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Crypt.CFI.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Agent-OQV
AVG 8.0.0.199 2008.12.31 Generic3.AFDC[/B]
[B]BitDefender 7.2 2009.01.03 Dropped:Adware.AdMoke.FA[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 851 2008.12.31 -
[B]DrWeb 4.44.0.09170 2009.01.03 BackDoor.Scrum.origin[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2008.12.31 Dropped:Adware.AdMoke.FA
Ikarus T3.1.1.45.0 2009.01.03 Virus.Win32.Agent.OQV[/B]
K7AntiVirus 7.10.572 2008.12.31 -
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 potentially unwanted program Generic PUP
McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic PUP
Microsoft 1.4205 2009.01.03 Trojan:Win32/Daekom.A
NOD32 3725 2008.12.31 a variant of Win32/Adware.MoKeAD[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.Crypt.CFI.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/Behav-269[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2008.12.30.1540 2008.12.31 -[/QUOTE]
[size="1"][color="#666686"][B][I]Added 2 hours 28 minutes later[/I][/B][/color][/size]
Say hello to its little brother.
[QUOTE]Файл LBXQFASTABPDN.EXE получен 2009.01.03 17:38:55 (CET)
Текущий статус: закончено
Результат: 15/38 (39.47%)
Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2008.12.31 Virus.Win32.Agent.OQV!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Crypt.CFI.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Agent-OQV
AVG 8.0.0.199 2008.12.31 Generic3.AFDC
BitDefender 7.2 2009.01.03 Dropped:Adware.AdMoke.FA[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.03 -
Comodo 851 2008.12.31 -
[B]DrWeb 4.44.0.09170 2009.01.03 BackDoor.Scrum.origin[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2009.01.03 -
Fortinet 3.117.0.0 2009.01.03 -
[B]GData 19 2008.12.31 Dropped:Adware.AdMoke.FA
Ikarus T3.1.1.45.0 2009.01.03 Virus.Win32.Agent.OQV[/B]
K7AntiVirus 7.10.572 2008.12.31 -
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 potentially unwanted program Generic PUP
McAfee+Artemis 5479 2008.12.30 potentially unwanted program Generic PUP
Microsoft 1.4205 2009.01.03 Trojan:Win32/Daekom.A
NOD32 3725 2008.12.31 a variant of Win32/Adware.MoKeAD[/B]
Norman 5.80.02 2009.01.02 -
[B]Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2008.12.31 -
Prevx1 V2 2009.01.03 -
Rising 21.10.22.00 2008.12.31 -
[B]SecureWeb-Gateway 6.7.6 2008.12.31 Trojan.Crypt.CFI.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Sus/Behav-269[/B]
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2008.12.30.1540 2008.12.31 -
VirusBuster 4.5.11.0 2009.01.03 -
Дополнительная информация
File size: 224768 bytes
MD5...: 6962277ab908a29957b857193c2d33ac
SHA1..: 7355b40200a37a19a076775011448860b296d127
SHA256: 8c5c067b7ccf3017b48c734149a219be8e6f57778c1cb924a0c9c0af10c7d64b
SHA512: 7fa5df9964dd5828e07e71c71d5ac653a360a70801ee3d2bcac58a071ba78c8d
9a48d656bdcfb940c277a51b7a73f85164e99bac59475bbdadba9374f01bb4ca
ssdeep: 6144:rfUbzKBz0Cu8HmX1aFomxl9BK/LKzF3dLJ/y:onWzI8Hm6rlu/WH
PEiD..: ASPack v2.12
TrID..: File type identification
ASPack compressed Win32 Executable (generic) (85.7%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
Win16/32 Executable Delphi generic (1.3%)
Generic Win/DOS Executable (1.2%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x490001
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x74000 0x2e800 8.00 6c615ff75193c608e3d1e698b0ff239c
DATA 0x75000 0x2000 0xe00 7.57 00711bbcacf81a1dd5473eeb4073e85c
BSS 0x77000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x78000 0x3000 0xe00 7.60 34d429ae6c449747ad3b19444bdd4317
.tls 0x7b000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x7c000 0x1000 0x200 0.20 6d63c0c5b8cb4cd53655fdff98132b6f
.reloc 0x7d000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x86000 0xa000 0x2800 6.86 53a6281c8ef57e16f325c1e176a7a1a4
.aspack 0x90000 0x4000 0x3c00 6.31 3b766a0075942997af4973dbeb3b446c
.adata 0x94000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
( 13 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> advapi32.dll: RegSetValueExA
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> user32.dll: CreateWindowExA
> ole32.dll: CLSIDFromString
> oleaut32.dll: SafeArrayPtrOfIndex
> ole32.dll: CoUninitialize
> oleaut32.dll: GetErrorInfo
> comctl32.dll: ImageList_SetIconSize
( 0 exports )
packers (Kaspersky): ASPack
packers (F-Prot): Aspack
packers (Avast): ASPack
[/QUOTE]
[size="1"][color="#666686"][B][I]Added 51 minutes later[/I][/B][/color][/size]
Note that Kaspersky knows this packer... I'm in shock
[QUOTE]Файл zyndle081223.exe получен 2009.01.03 20:52:41 (CET)
Текущий статус: закончено
Результат: 31/38 (81.58%)
Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 Backdoor.Rbot!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.02 TR/Dropper.Gen
Authentium 5.1.0.4 2009.01.03 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.03 Win32:AutoRun-APU
AVG 8.0.0.199 2009.01.03 Worm/Generic.ROC
BitDefender 7.2 2009.01.03 Generic.Malware.Sdldspg.F2F94788
CAT-QuickHeal 10.00 2009.01.03 Win32.Trojan.Agent.NAL.3[/B]
ClamAV 0.94.1 2009.01.03 -
Comodo 869 2009.01.03 -
[B]DrWeb 4.44.0.09170 2009.01.03 Win32.HLLW.Autoruner.origin
eTrust-Vet 31.6.6289 2009.01.02 Win32/Hotpop!generic[/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.03 W32/Packed_Upack.A
Fortinet 3.117.0.0 2009.01.03 PossibleThreat
GData 19 2009.01.03 Generic.Malware.Sdldspg.F2F94788
Ikarus T3.1.1.45.0 2009.01.03 Backdoor.Rbot
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.01.03 -
[B]McAfee 5483 2009.01.03 New Malware.aj
McAfee+Artemis 5483 2009.01.03 New Malware.n
Microsoft 1.4205 2009.01.03 TrojanSpy:Win32/Hitpop.gen!C
NOD32 3733 2009.01.02 probably a variant of Win32/AutoRun.YE
Norman 5.80.02 2009.01.02 W32/Packed_Upack.A
Panda 9.0.0.4 2009.01.03 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.01.03 Packed/Upack[/B]
Prevx1 V2 2009.01.03 -
[B]Rising 21.10.22.00 2008.12.31 Trojan.DL.Win32.MyDown.beh
SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Dropper.Gen[/B]
[B]Sophos 4.37.0 2009.01.03 Mal/Autorun-C
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.03 W32.SillyDC
TheHacker 6.3.1.4.204 2009.01.02 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2009.01.02 Possible_OtorunA
VBA32 3.12.8.10 2009.01.03 suspected of Backdoor.XiaoBird.5 (paranoid heuristics)[/B]
ViRobot 2009.1.3.1541 2009.01.03 -
[B]VirusBuster 4.5.11.0 2009.01.03 Packed/Upack[/B]
Дополнительная информация
File size: 36260 bytes
MD5...: e32320ae765ce6a42479169b18b082c7
SHA1..: 4a65f043d2983c21bc38aee1494f2f0b2377b249
SHA256: 4540d79c12c59d800a90e3b49dde7e6b3920d66cc7060f156cd0fb3a9c90321e
SHA512: 1585e6b66270f0ca1e0d9cb9b9d6618a10c0d75874cb8867781a466c4f8b5451
8815f5afe212fddb8411c8c4d0358769b9f9e2d0f8b0a1521d8642292eba430b
ssdeep: 768:RS5rFXi7ZqJHFYAeHA4k0aKPGr7lTSRcdjAegvHqGzQrNImRayvra1GY:RO3
HFntldkqyQrimRY1P
PEiD..: -
TrID..: File type identification
DOS Executable Generic (100.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x701018
timedatestamp.....: 0x7011b0be (Tue Jul 31 15:52:30 2029)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x1d000 0x1f0 5.34 8fc3a0d705355501676128dd02c17c03
p_jr 0x1e000 0xc000 0x8ba4 7.99 a8523ee649d6c462e6d4f461e7124818
qp 0x2a000 0x1000 0x1f0 5.34 8fc3a0d705355501676128dd02c17c03
( 0 imports )
( 0 exports )
packers (Kaspersky): PE_Patch, UPack
packers (Avast): Upack
packers (Authentium): UPack
packers (F-Prot): UPack[/QUOTE]
[size="1"][color="#666686"][B][I]Added 11 minutes later[/I][/B][/color][/size]
Groft, sorry, the criticism wasn't from you :-)
-
Файл 123 получен 2009.01.04 02:53:26 (CET)
Текущий статус: закончено
Результат: 4/38 (10.53%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 Trojan-SMS!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
AntiVir 7.9.0.45 2009.01.03 -
Authentium 5.1.0.4 2009.01.03 -
Avast 4.8.1281.0 2009.01.03 -
AVG 8.0.0.199 2009.01.03 -
BitDefender 7.2 2009.01.04 -
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
[B]F-Secure 8.0.14470.0 2009.01.04 Trojan-SMS.J2ME.Konov.f[/B]
Fortinet 3.117.0.0 2009.01.03 -
GData 19 2009.01.04 -
[B]Ikarus T3.1.1.45.0 2009.01.03 Trojan-SMS[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.04 Trojan-SMS.J2ME.Konov.f[/B]
McAfee 5483 2009.01.03 -
McAfee+Artemis 5483 2009.01.03 -
Microsoft 1.4205 2009.01.03 -
NOD32 3734 2009.01.03 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.03 -
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.04 -
Rising 21.10.22.00 2008.12.31 -
SecureWeb-Gateway 6.7.6 2009.01.03 -
Sophos 4.37.0 2009.01.04 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.04 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -[/QUOTE]
Дополнительная информация
File size: 2724 bytes
MD5...: fc1e1f0611b0f5b240696fd6aa8e805c
SHA1..: f57c1be1b01ed68b7c61865c81cefd7ab95c7182
SHA256: d5e338df336e02149a1ba376ebc1e2091e4a05c9c9f470a2e1152582ee092dd1
SHA512: 1984fa19f4bb5a709338c86c948c9447bf15621b408105bdbfbe54951ebd6609
1732b611afff2b7daa7cce1dcda9ad4ab0927e91bc793f5f78bc60812734e75d
ssdeep: 48:BiLvqFZ84Sx8scqQOT/gIzANMJvyfHS+b9NpBcpf/9e3oUMH:BiWR/xOc8ANk
Qy+bFBcpfFqJMH
PEiD..: -
-
No sleeping! Keep mowing!
[QUOTE]Файл zU.exe получен 2009.01.04 09:05:49 (CET)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 Trojan-Clicker.Win32.Klik!IK
AhnLab-V3 2008.12.31.0 2009.01.03 Win-Trojan/Fakeav.9728
AntiVir 7.9.0.45 2009.01.03 TR/Fakealert.ane.44 [/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Lighty-D
AVG 8.0.0.199 2009.01.03 Dropper.Bravix.L
BitDefender 7.2 2009.01.04 Trojan.FakeAlert.ANE
CAT-QuickHeal 10.00 2009.01.03 TrojanDropper.Rooter.b [/B]
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
[B]eTrust-Vet 31.6.6289 2009.01.02 Win32/FakeAlert!generic [/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/FakeAlert.AB.gen!Eldorado
F-Secure 8.0.14470.0 2009.01.04 W32/Fakealert
Fortinet 3.117.0.0 2009.01.04 W32/FakeAlert.D!tr
GData 19 2009.01.04 Trojan.FakeAlert.ANE
Ikarus T3.1.1.45.0 2009.01.03 Trojan-Clicker.Win32.Klik
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1 [/B]
Kaspersky 7.0.0.125 2009.01.04 -
[B]McAfee 5483 2009.01.03 Generic Dropper.bu
McAfee+Artemis 5483 2009.01.03 Generic Dropper.bu
Microsoft 1.4205 2009.01.04 TrojanDropper:Win32/Rooter.B
NOD32 3734 2009.01.03 a variant of Win32/Kryptik.BN
Norman 5.80.02 2009.01.02 W32/Renos.BZB
Panda 9.0.0.4 2009.01.03 Generic Trojan [/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.04 Malicious Software [/B]
Rising 21.10.61.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Fakealert.ane.44
Sophos 4.37.0 2009.01.04 Mal/EncPk-EQ
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.04 Trojan.Virantix.C [/B]
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
[B]ViRobot 2009.1.3.1541 2009.01.03 Backdoor.Win32.IRCBot.39936.L
VirusBuster 4.5.11.0 2009.01.03 Trojan.FakeAlert.Gen!Pac.3 [/B][/CODE]
[/QUOTE]
[size="1"][color="#666686"][B][I]Added 4 minutes later[/I][/B][/color][/size]
Let's continue.
[QUOTE]Файл runsql.exe получен 2009.01.04 09:13:48 (CET)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.03 Trojan-Clicker.Win32.Klik!IK
AhnLab-V3 2008.12.31.0 2009.01.03 Win-Trojan/Fakeav.9728
AntiVir 7.9.0.45 2009.01.03 TR/Dropper.Gen [/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Lighty-D
AVG 8.0.0.199 2009.01.03 Dropper.Bravix.L
BitDefender 7.2 2009.01.04 Trojan.FakeAlert.ANE
CAT-QuickHeal 10.00 2009.01.03 Backdoor.UltimateDefender.gqg [/B]
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
DrWeb 4.44.0.09170 2009.01.04 -
[B]eTrust-Vet 31.6.6289 2009.01.02 Win32/FakeAlert!generic [/B]
Ewido 4.0 2008.12.31 -
[B]F-Prot 4.4.4.56 2009.01.03 W32/FakeAlert.AB.gen!Eldorado [/B]
Fortinet 3.117.0.0 2009.01.04 -
[B]GData 19 2009.01.04 Trojan.FakeAlert.ANE
Ikarus T3.1.1.45.0 2009.01.03 Trojan-Clicker.Win32.Klik
K7AntiVirus 7.10.575 2009.01.03 Trojan.Win32.Malware.1 [/B]
Kaspersky 7.0.0.125 2009.01.04 -
[B]McAfee 5483 2009.01.03 Generic Dropper.bu
McAfee+Artemis 5483 2009.01.03 Generic Dropper.bu
Microsoft 1.4205 2009.01.04 TrojanDownloader:Win32/Renos.FJ
NOD32 3734 2009.01.03 a variant of Win32/Kryptik.BN
Norman 5.80.02 2009.01.02 W32/Renos.CAG
Panda 9.0.0.4 2009.01.03 Generic Trojan [/B]
PCTools 4.4.2.0 2009.01.03 -
[B]Prevx1 V2 2009.01.04 Malicious Software [/B]
Rising 21.10.61.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Dropper.Gen
Sophos 4.37.0 2009.01.04 Mal/EncPk-EQ
Sunbelt 3.2.1809.2 2008.12.22 VIPRE.Suspicious
Symantec 10 2009.01.04 Trojan.Virantix.C [/B]
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.02 -
VBA32 3.12.8.10 2009.01.03 -
[B]ViRobot 2009.1.3.1541 2009.01.03 Backdoor.Win32.IRCBot.39936.L
VirusBuster 4.5.11.0 2009.01.03 Trojan.FakeAlert.Gen!Pac.3[/B] [/CODE]
Дополнительная информация
File size: 278528 bytes
MD5...: 4f86af63d2df938148acf090f5ce73bd
SHA1..: 1fb27502eb373940e5bdad052b083325dfc87523
SHA256: 7604ae55c98e40cec74d9efd75dd4a4b39f5eee556e9042c28cf3776b1ba5e10
SHA512: 1f64743b07bf90a383f88b55997a0bf379756dc0c40fd5905eb83be4031f4776
4be5ae2631ff960ac59b83b1a73bca5f56fd5aec73d02c8547afab42eed83d0d
ssdeep: 6144:+P1UsU2DR906fVzzqDAnBbwLkFK8aiZ+i+MlZZZVrA:+P1UgDR9lNzzYAVg
dNA+4ZZV
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401008
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x1000 0x200 5.78 886abbf737703371751e2ccaebab272f
.data 0x2000 0x44000 0x43000 8.00 2230ad2638b1bed16e72953f7c3c81b6
.rsrc 0x46000 0x84000 0xa00 3.61 ab2365cb0abfdcb5337cb3f9d03da60f
( 3 imports )
> KERNEL32.DLL: AddAtomA, CancelDeviceWakeupRequest, CancelWaitableTimer, CopyFileW, DebugActiveProcess, DebugBreak, DefineDosDeviceW, EnumCalendarInfoW, ExitProcess, GetEnvironmentStrings, GetLongPathNameW, GetOverlappedResult, GetThreadTimes, GetUserDefaultLCID, GlobalFindAtomA, GlobalGetAtomNameW, LocalReAlloc, SetCalendarInfoW, SetCommTimeouts, VerLanguageNameA, WaitForMultipleObjectsEx, WaitForSingleObject, WriteProfileSectionA, lstrcpy
> USER32.DLL: ChangeDisplaySettingsExA, CharUpperA, CheckRadioButton, CopyAcceleratorTableW, DestroyCursor, DialogBoxIndirectParamW, DragDetect, DrawIconEx, EnableMenuItem, EnableScrollBar, FillRect, GetAsyncKeyState, GetKeyboardLayoutNameA, GetMenuCheckMarkDimensions, GetMessageA, GetUpdateRgn, GetWindowLongA, GetWindowTextLengthA, IsCharUpperW, PostMessageW, PostThreadMessageW, RegisterWindowMessageW, SetShellWindow, SetSystemCursor, SetUserObjectSecurity
> GDI32.DLL: CopyEnhMetaFileA, CreateDCA, CreateFontW, CreateICA, CreatePatternBrush, EnumMetaFile, Escape, ExtEscape, GdiFlush, GdiPlayDCScript, GetCharWidthA, GetKerningPairsW, GetPolyFillMode, GetTextExtentExPointA, GetViewportExtEx, GetViewportOrgEx, LPtoDP, PolyPolygon, Polygon, RectInRegion, RectVisible, SelectObject, SetArcDirection, SetEnhMetaFileBits, SetPixel, SetViewportOrgEx, SetWinMetaFileBits
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=0F166C2900A2BEA340D7049BCD8DBE00850A8D0A
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=4f86af63d2df938148acf090f5ce73bd
[/QUOTE]
-
[CODE][B]a-squared 4.0.0.73 2009.01.03 Win32.SuspectCrc!IK[/B]
AhnLab-V3 2008.12.31.0 2009.01.03 -
[B]AntiVir 7.9.0.45 2009.01.03 TR/Crypt.XDR.Gen[/B]
Authentium 5.1.0.4 2009.01.03 -
[B]Avast 4.8.1281.0 2009.01.03 Win32:Trojan-gen {Other}[/B]
[B]AVG 8.0.0.199 2009.01.03 Generic12.AIDL
BitDefender 7.2 2009.01.04 Dropped:Trojan.Generic.1267262[/B]
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.04 -
Comodo 869 2009.01.03 -
[B]DrWeb 4.44.0.09170 2009.01.04 Trojan.MulDrop.29356[/B]
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
F-Secure 8.0.14470.0 2009.01.04 -
[B]Fortinet 3.117.0.0 2009.01.04 PossibleThreat
GData 19 2009.01.04 Dropped:Trojan.Generic.1267262
Ikarus T3.1.1.45.0 2009.01.03 Win32.SuspectCrc[/B]
K7AntiVirus 7.10.575 2009.01.03 -
[B]Kaspersky 7.0.0.125 2009.01.04 Trojan.Win32.VB.ihj[/B]
McAfee 5483 2009.01.03 -
[B][COLOR="Red"]McAfee+Artemis 5483 2009.01.03 Generic!Artemis[/COLOR][/B]
Microsoft 1.4205 2009.01.04 -
[B]NOD32 3734 2009.01.03 a variant of Win32/Injector.GL
Norman 5.80.02 2009.01.02 W32/Smalltroj.KBEI
Panda 9.0.0.4 2009.01.03 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.03 -
Prevx1 V2 2009.01.04 -
Rising 21.10.62.00 2009.01.04 -
[B]SecureWeb-Gateway 6.7.6 2009.01.03 Trojan.Crypt.XDR.Gen
Sophos 4.37.0 2009.01.04 Sus/Behav-1018
Sunbelt 3.2.1809.2 2008.12.22 BehavesLike.Win32.Malware (v)[/B]
Symantec 10 2009.01.04 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.04 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -[/CODE]
Дополнительная информация
File size: 792256 bytes
MD5...: a19d9ce5f4c3e1cb58a5b828b125afa6
SHA1..: 9947b55d8bfae5033ae7c7b8b01e36d2d6dda6cf
SHA256: 9aa6df47bf19f8ac113acb4caa0dcc5f18444671f702a20b2034af97a5d59069
SHA512: fc2bd9e8c527f9f6c4e8fb34803fee36363e1036a320631ccf0d739f496480a4
7f621ac4de1d46c09427141b65f76370d00365b9042f63e92d623a9961dc01d4
-
Файл [B]tLBq.exe[/B] получен 2009.01.06 19:27:13 (CET)
[quote][COLOR=Red][B]a-squared 4.0.0.73 2009.01.06 Trojan-Spy.Win32.Zbot.djy!IK
AhnLab-V3 2009.1.6.3 2009.01.06 Win32/IRCBot.worm.variant
AntiVir 7.9.0.45 2009.01.06 TR/Crypt.XPACK.Gen
Authentium 5.1.0.4 2009.01.05 W32/Trojan2.CKMB
Avast 4.8.1281.0 2009.01.06 Win32:Zbot-AIO
AVG 8.0.0.199 2009.01.06 Win32/Heur
BitDefender 7.2 2009.01.06 Trojan.Wsnpoem.K[/B][/COLOR]
CAT-QuickHeal 10.00 2009.01.06 -
[COLOR=Red][B]ClamAV 0.94.1 2009.01.06 Trojan.Zbot-1823[/B][/COLOR]
Comodo 884 2009.01.06 -
[COLOR=Red][B]DrWeb 4.44.0.09170 2009.01.06 Trojan.Packed.511[/B][/COLOR]
eTrust-Vet 31.6.6293 2009.01.06 -
[COLOR=Red][B]Ewido 4.0 2008.12.31 Logger.Zbot.aez
F-Prot 4.4.4.56 2009.01.05 W32/Trojan2.CKMB[/B][/COLOR]
F-Secure 8.0.14470.0 2009.01.06 -
[COLOR=Red][B]Fortinet 3.117.0.0 2009.01.06 W32/Zbot.W!tr
GData 19 2009.01.06 Trojan.Wsnpoem.K
Ikarus T3.1.1.45.0 2009.01.06 Trojan-Spy.Win32.Zbot.djy
K7AntiVirus 7.10.578 2009.01.06 Trojan-Spy.Win32.Zbot.djy[/B][/COLOR]
Kaspersky 7.0.0.125 2009.01.06 -
[COLOR=Red][B]McAfee 5486 2009.01.05 PWS-Zbot.gen.c
McAfee+Artemis 5487 2009.01.06 PWS-Zbot.gen.c
Microsoft 1.4205 2009.01.06 Trojan:Win32/Zbot.BD
NOD32 3743 2009.01.06 a variant of Win32/Spy.Agent.PZ
Norman 5.80.02 2009.01.06 W32/Zbot.APJ[/B][/COLOR]
Panda 9.0.0.4 2009.01.06 -
PCTools 4.4.2.0 2009.01.06 -
Prevx1 V2 2009.01.06 -
Rising 21.11.12.00 2009.01.06 -
[COLOR=Red][B]SecureWeb-Gateway 6.7.6 2009.01.06 Trojan.Crypt.XPACK.Gen
Sophos 4.37.0 2009.01.06 Mal/TibsPak[/B][/COLOR]
Sunbelt 3.2.1809.2 2008.12.22 -
[COLOR=Red][B]Symantec 10 2009.01.06 Infostealer.Notos!gen[/B][/COLOR]
TheHacker 6.3.1.4.205 2009.01.05 -
[COLOR=Red][B]TrendMicro 8.700.0.1004 2009.01.06 Cryp_Zbot
VBA32 3.12.8.10 2009.01.05 Trojan-Spy.Win32.Zbot.djy
ViRobot 2009.1.6.1546 2009.01.06 Trojan.Win32.Zbot.90112[/B][/COLOR]
VirusBuster 4.5.11.0 2009.01.06 -[/quote]Дополнительная информация
File size: 49624 bytes
MD5...: bc1432c0b30fc6fb41ca94ce116a9dc6
-
Файл key.EXE получен 2009.01.09 14:35:56 (CET)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.09 Tool.DOS.SimulatedVirus.B!IK[/B]
AhnLab-V3 2009.1.9.2 2009.01.09 -
[B]AntiVir 7.9.0.45 2009.01.09 SPR/Fake.CscSimX[/B]
Authentium 5.1.0.4 2009.01.08 -
Avast 4.8.1281.0 2009.01.08 -
[B]AVG 8.0.0.229 2009.01.09 DOS.Generic_c.J[/B]
[B]BitDefender 7.2 2009.01.09 Application.Viremul.B[/B]
CAT-QuickHeal 10.00 2009.01.09 -
[B]ClamAV 0.94.1 2009.01.09 DOS.Simulated.Virus[/B]
[B]Comodo 895 2009.01.08 Application.SimulatedVir[/B]
[B]DrWeb 4.44.0.09170 2009.01.09 Tool.VirEmul[/B]
[B]eSafe 7.0.17.0 2009.01.08 Dos.4907[/B]
eTrust-Vet 31.6.6299 2009.01.09 -
F-Prot 4.4.4.56 2009.01.08 -
F-Secure 8.0.14470.0 2009.01.09 -
[B]Fortinet 3.117.0.0 2009.01.09 Misc/Simulated[/B]
[B]GData 19 2009.01.09 Application.Viremul.B[/B]
[B]Ikarus T3.1.1.45.0 2009.01.09 Tool.DOS.SimulatedVirus.B[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.09 -
[B]McAfee 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]McAfee+Artemis 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]Microsoft 1.4205 2009.01.09 Tool:DOS/SimulatedVirus.B[/B]
[B]NOD32 3754 2009.01.09 SimulatedVir[/B]
Norman 5.99.02 2009.01.09 -
[B]Panda 9.4.3.3 2009.01.09 Lepe.2818[/B]
PCTools 4.4.2.0 2009.01.09 -
[B]Prevx1 V2 2009.01.09 Malicious Software[/B]
Rising 21.11.42.00 2009.01.09 -
[B]SecureWeb-Gateway 6.7.6 2009.01.09 Riskware.Fake.CscSimX[/B]
Sophos 4.37.0 2009.01.09 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.09 -
TheHacker 6.3.1.4.214 2009.01.09 -
TrendMicro 8.700.0.1004 2009.01.09 -
VBA32 3.12.8.10 2009.01.08 -
ViRobot 2009.1.9.1552 2009.01.09 -
VirusBuster 4.5.11.0 2009.01.08 -[/CODE]
Дополнительная информация
File size: 2818 bytes
MD5...: 9435eae54f53fb1e7517b2dbad8e4caf
[size="1"][color="#666686"][B][I]Added 10 minutes later[/I][/B][/color][/size]
Файл hosts.EXE получен 2009.01.09 14:45:13 (CET)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.09 Tool.DOS.SimulatedVirus.A!IK[/B]
AhnLab-V3 2009.1.9.2 2009.01.09 -
AntiVir 7.9.0.54 2009.01.09 -
[B]Authentium 5.1.0.4 2009.01.08 Intended_Virus!e2da[/B]
Avast 4.8.1281.0 2009.01.08 -
[B]AVG 8.0.0.229 2009.01.09 DOS.Generic_c.R[/B]
[B]BitDefender 7.2 2009.01.09 Application.Dropper.A[/B]
CAT-QuickHeal 10.00 2009.01.09 -
[B]ClamAV 0.94.1 2009.01.09 DOS.Simulated.Virus[/B]
[B]Comodo 895 2009.01.08 Application.SimulatedVir[/B]
[B]DrWeb 4.44.0.09170 2009.01.09 Tool.VirEmul[/B]
[B]eSafe 7.0.17.0 2009.01.08 Dos.Balooch[/B]
eTrust-Vet 31.6.6300 2009.01.09 -
[B]F-Prot 4.4.4.56 2009.01.08 Intended_Virus!e2da[/B]
[B]Fortinet 3.117.0.0 2009.01.09 W32/Music[/B]
[B]GData 19 2009.01.09 Application.Dropper.A[/B]
[B]Ikarus T3.1.1.45.0 2009.01.09 Tool.DOS.SimulatedVirus.A[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.09 -
[B]McAfee 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]McAfee+Artemis 5489 2009.01.08 potentially unwanted program Simulated Virus[/B]
[B]Microsoft 1.4205 2009.01.09 Tool:DOS/SimulatedVirus.A[/B]
[B]NOD32 3754 2009.01.09 SimulatedVir[/B]
Panda 9.4.3.3 2009.01.09 -
PCTools 4.4.2.0 2009.01.09 -
Rising 21.11.42.00 2009.01.09 -
SecureWeb-Gateway 6.7.6 2009.01.09 -
[B]Sophos 4.37.0 2009.01.09 Junk/Music sim[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.09 -
TheHacker 6.3.1.4.214 2009.01.09 -
TrendMicro 8.700.0.1004 2009.01.09 -
VBA32 3.12.8.10 2009.01.08 -
ViRobot 2009.1.9.1552 2009.01.09 -
VirusBuster 4.5.11.0 2009.01.08 -[/CODE]
Additional information
File size: 2974 bytes
MD5...: c7c76758a017faf547d006691fdf575d
-
File innounp.exe received on 2009.01.12 17:19:17 (CET)
Current status: finished
Result: 25/37 (67.57%)
[QUOTE]Antivirus Version Last Update Result
[COLOR="Red"]a-squared 4.0.0.73 2009.01.12 Virus.Win32.Trojan!IK[/COLOR]
[COLOR="#ff0000"]AhnLab-V3 2009.1.10.0 2009.01.12 Packed/Upack[/COLOR]
AntiVir 7.9.0.54 2009.01.12 -
[COLOR="#ff0000"]Authentium 5.1.0.4 2009.01.12 W32/Heuristic-210!Eldorado
Avast 4.8.1281.0 2009.01.12 Win32:Trojan-gen {Other}
AVG 8.0.0.229 2009.01.12 Generic10.XFN[/COLOR]
BitDefender 7.2 2009.01.12 -
[COLOR="#ff0000"]CAT-QuickHeal 10.00 2009.01.12 (Suspicious) - DNAScan[/COLOR]
ClamAV 0.94.1 2009.01.12 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
[COLOR="#ff0000"]eSafe 7.0.17.0 2009.01.12 Suspicious File[/COLOR]
eTrust-Vet 31.6.6304 2009.01.12 -
[COLOR="#ff0000"]F-Prot 4.4.4.56 2009.01.12 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.01.12 W32/Packed_Upack.A
Fortinet 3.117.0.0 2009.01.11 PossibleThreat
GData 19 2009.01.12 Win32:Trojan-gen {Other}
Ikarus T3.1.1.45.0 2009.01.12 Virus.Win32.Trojan
K7AntiVirus 7.10.584 2009.01.09 Trojan.Win32.Malware.1[/COLOR]
Kaspersky 7.0.0.125 2009.01.12 -
[COLOR="#ff0000"]McAfee 5492 2009.01.11 Generic.dx
McAfee+Artemis 5492 2009.01.11 Generic.dx[/COLOR]
Microsoft 1.4205 2009.01.12 -
NOD32 3759 2009.01.12 -
[COLOR="#ff0000"]Norman 5.93.01 2009.01.12 W32/Packed_Upack.A
Panda 9.4.3.3 2009.01.11 Trj/Lineage.BZE
PCTools 4.4.2.0 2009.01.12 Packed/Upack
Prevx1 V2 2009.01.12 Malicious Software[/COLOR]
Rising 21.12.02.00 2009.01.12 -
[COLOR="#ff0000"]SecureWeb-Gateway 6.7.6 2009.01.12 Trojan.PSW.LooksLike.Sagic
Sophos 4.37.0 2009.01.12 Sus/ComPack-C
Sunbelt 3.2.1831.2 2009.01.09 Trojan.Win32.Packed.gen (v)
TheHacker 6.3.1.4.218 2009.01.11 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2009.01.12 TROJ_PACKED.ECJ[/COLOR]
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.12.1554 2009.01.12 -
[COLOR="#ff0000"]VirusBuster 4.5.11.0 2009.01.12 Packed/Upack[/COLOR]
Additional information
File size: 94564 bytes
PEiD..: -
TrID..: File type identification
DOS Executable Generic (100.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401018
timedatestamp.....: 0x4011b0be (Fri Jan 23 23:39:42 2004)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x63000 0x1f0 5.41 dc08bdd8c711d73e0dbdca444ea5a54b
@_G 0x64000 0x1f000 0x16f64 8.00 03a2623cf8965f89c51fd96c96ca768b
8F@ 0x83000 0x1000 0x1f0 5.41 dc08bdd8c711d73e0dbdca444ea5a54b
( 0 imports )
( 0 exports )
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=8a93c3415a3ebc7cf4ebd5ace6cb062d
packers (Kaspersky): PE_Patch, UPack
packers (Authentium): UPack
packers (F-Prot): UPack
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=D5F7FF8364CF5375711701B8DDD94100EB95778A
[/QUOTE]
-
File autorun.rar received on 2009.01.12 20:04:59 (CET)
Current status: finished
Result: 5/38 (13.16%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.12 -
AhnLab-V3 2009.1.10.0 2009.01.12 -
AntiVir 7.9.0.54 2009.01.12 -
Authentium 5.1.0.4 2009.01.12 -
Avast 4.8.1281.0 2009.01.12 -
AVG 8.0.0.229 2009.01.12 -
BitDefender 7.2 2009.01.12 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.12 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6301 2009.01.10 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.12 -
Fortinet 3.117.0.0 2009.01.11 -
GData 19 2009.01.12 -
Ikarus T3.1.1.45.0 2009.01.12 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.12 -
[B]McAfee 5493 2009.01.12 W32/Conficker.worm!inf
McAfee+Artemis 5493 2009.01.12 W32/Conficker.worm!inf
Microsoft 1.4205 2009.01.12 Worm:Win32/Conficker.B!inf[/B]
NOD32 3759 2009.01.12 -
Norman 5.93.01 2009.01.12 -
[B]Panda 9.4.3.3 2009.01.12 W32/Conficker.C.worm[/B]
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.12 -
Rising 21.12.02.00 2009.01.12 -
SecureWeb-Gateway 6.7.6 2009.01.12 -
Sophos 4.37.0 2009.01.12 -
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.12 W32.Downadup!autorun[/B]
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.12 -
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.12.1554 2009.01.12 -
VirusBuster 4.5.11.0 2009.01.12 -[/QUOTE]
Additional information
File size: 29663 bytes
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
packers (F-Prot): Unicode
-
File setup.exe received on 2009.01.13 15:37:30 (CET)
Current status: finished
Result: 9/38 (23.69%)
[QUOTE]
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
[B]AVG 8.0.0.229 2009.01.13 SHeur2.KOR.dropper[/B]
[B]BitDefender 7.2 2009.01.13 Trojan.Vundo.GGF[/B]
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
[B]eSafe 7.0.17.0 2009.01.12 Suspicious File[/B]
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
[B]GData 19 2009.01.13 Trojan.Vundo.GGF[/B]
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
[B]McAfee+Artemis 5493 2009.01.12 Generic!Artemis[/B]
[B]Microsoft 1.4205 2009.01.13 Trojan:Win32/AgentBypass.gen!I[/B]
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.13 -
[B]Panda 9.5.1.2 2009.01.13 Suspicious file[/B]
PCTools 4.4.2.0 2009.01.13 -
[B]Prevx1 V2 2009.01.13 Malicious Software[/B]
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Trojan.Win32.Packed.gen (v)[/B]
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
VBA32 3.12.8.10 2009.01.12 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Additional information
File size: 5512192 bytes
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x100645c
timedatestamp.....: 0x480251cd (Sun Apr 13 18:32:45 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x99c8 0x9a00 6.58 fd7744c26c2bf4d279968be94b283b11
.data 0xb000 0x1be4 0x400 4.25 99858e86526942a66950c7139f78a725
.rsrc 0xd000 0x537868 0x537a00 8.00 a049d0a5dd3dbe7ef6ec019c9e94b6a6
( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, lstrlenA, GetModuleFileNameA, GetSystemDirectoryA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, lstrcpyA, GlobalFree, GlobalUnlock, GlobalLock, GlobalAlloc, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, FreeResource, GetProcAddress, LoadResource, SizeofResource, FindResourceA, lstrcatA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, LockResource
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=361A4EEA00420789B602008C240A1900095139A6
packers (F-Prot): CAB, ZIP
[/QUOTE]
-
File csrcs-.exe received on 2009.01.14 05:23:20 (CET)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.14 Trojan.Win32.Autoit.dt!IK
AhnLab-V3 2009.1.13.3 2009.01.14 Win-Trojan/Midgare.229888.B
AntiVir 7.9.0.54 2009.01.13 TR/Autoit.fi.420388
Authentium 5.1.0.4 2009.01.13 W32/Trojan2.FKMP
Avast 4.8.1281.0 2009.01.13 Win32:Trojan-gen {Other}
AVG 8.0.0.229 2009.01.13 Worm/Autoit.LYM
BitDefender 7.2 2009.01.14 Trojan.Generic.1175909
CAT-QuickHeal 10.00 2009.01.12 TrojanDownloader.Small.agrv
ClamAV 0.94.1 2009.01.13 Worm.Autorun-1793
[/B]Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
[B]eSafe 7.0.17.0 2009.01.13 Suspicious File
[/B]eTrust-Vet 31.6.6306 2009.01.13 -
[B]F-Prot 4.4.4.56 2009.01.13 W32/Trojan2.FKMP
F-Secure 8.0.14470.0 2009.01.14 Trojan.Win32.Autoit.fi
[/B]Fortinet 3.117.0.0 2009.01.14 -
[B]GData 19 2009.01.14 Trojan.Generic.1175909
Ikarus T3.1.1.45.0 2009.01.14 Trojan.Win32.Autoit.dt
K7AntiVirus 7.10.584 2009.01.09 Trojan.Win32.Midgare.rdk
Kaspersky 7.0.0.125 2009.01.14 Trojan.Win32.Autoit.fi
McAfee 5494 2009.01.13 W32/Autorun.worm.zf.gen
McAfee+Artemis 5494 2009.01.13 W32/Autorun.worm.zf.gen
Microsoft 1.4205 2009.01.13 Worm:AutoIt/Renocide.gen!A
NOD32 3763 2009.01.13 Win32/Packed.Autoit.Gen
Norman 5.93.01 2009.01.13 W32/Agent.JIIR
Panda 9.5.1.2 2009.01.13 W32/Autoit.Z
[/B]PCTools 4.4.2.0 2009.01.13 -
Prevx1 V2 2009.01.14 -
Rising 21.12.20.00 2009.01.14 -
[B]SecureWeb-Gateway 6.7.6 2009.01.13 Trojan.Autoit.fi.420388[/B]
Sophos 4.37.0 2009.01.13 Sus/Behav-1011
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.14 W32.Harakit
TheHacker 6.3.1.4.219 2009.01.14 Trojan/Autoit.gs
TrendMicro 8.700.0.1004 2009.01.14 WORM_AUTORUN.HP
[/B]VBA32 3.12.8.10 2009.01.13 -
ViRobot 2009.1.14.1557 2009.01.14 -
VirusBuster 4.5.11.0 2009.01.13 -[/CODE]
Additional information
File size: 420360 bytes
PEiD..: -
[size="1"][color="#666686"][B][I]Added 8 minutes later[/I][/B][/color][/size]
File autorun.inf received on 2009.01.14 05:29:51 (CET)
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.14 -
AhnLab-V3 2009.1.13.3 2009.01.14 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
[B]AVG 8.0.0.229 2009.01.13 Worm/AutoRun
BitDefender 7.2 2009.01.14 Trojan.AutorunINF.Gen
[/B]CAT-QuickHeal 10.00 2009.01.12 -
[B]ClamAV 0.94.1 2009.01.13 Worm.Autorun-1792[/B]
Comodo 927 2009.01.13 -
DrWeb 4.44.0.09170 2009.01.13 -
eSafe 7.0.17.0 2009.01.13 -
[B]eTrust-Vet 31.6.6306 2009.01.13 INF/Frethog[/B]
F-Prot 4.4.4.56 2009.01.13 -
[B]F-Secure 8.0.14470.0 2009.01.14 BAT/AutoRun.AE[/B]
Fortinet 3.117.0.0 2009.01.14 -
[B]GData 19 2009.01.14 Trojan.AutorunINF.Gen[/B]
Ikarus T3.1.1.45.0 2009.01.14 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.14 -
McAfee 5494 2009.01.13 -
McAfee+Artemis 5494 2009.01.13 -
Microsoft 1.4205 2009.01.13 -
NOD32 3763 2009.01.13 -
[B]Norman 5.93.01 2009.01.13 BAT/AutoRun.AE[/B]
Panda 9.5.1.2 2009.01.13 -
PCTools 4.4.2.0 2009.01.13 -
Prevx1 V2 2009.01.14 -
Rising 21.12.20.00 2009.01.14 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
[B]Sophos 4.37.0 2009.01.14 W32/Yahlov-A
Sunbelt 3.2.1831.2 2009.01.09 INF.Autorun (v)[/B]
Symantec 10 2009.01.14 -
TheHacker 6.3.1.4.219 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.14 -
VBA32 3.12.8.10 2009.01.13 -
ViRobot 2009.1.14.1557 2009.01.14 -
[B]VirusBuster 4.5.11.0 2009.01.13 INF.Autorun.Gen[/B][/CODE]
Additional information
File size: 473 bytes
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
-
File Virus.Win32.Parite.d received on 2009.01.14 10:50:22 (CET)
Current status: finished
Result: [B]31/38[/B] (81.58%)
[QUOTE][B]a-squared 4.0.0.73 2009.01.14 Backdoor.Rbot!IK[/B]
AhnLab-V3 2009.1.13.3 2009.01.14 -
[B]AntiVir 7.9.0.54 2009.01.13 W32/Parite
Authentium 5.1.0.4 2009.01.13 W32/Parite.D
Avast 4.8.1281.0 2009.01.13 Win32:Parite
AVG 8.0.0.229 2009.01.13 BackDoor.RBot.EL
BitDefender 7.2 2009.01.14 Win32.Parite.D
CAT-QuickHeal 10.00 2009.01.14 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.01.14 W32.Parite.B
Comodo 927 2009.01.13 Virus.Win32.Parite.d
DrWeb 4.44.0.09170 2009.01.14 Win32.Parite.4
eSafe 7.0.17.0 2009.01.13 Virus.Win32.Parite.d[/B]
eTrust-Vet 31.6.6307 2009.01.14 -
[B]F-Prot 4.4.4.56 2009.01.13 W32/Spybot.BFC
F-Secure 8.0.14470.0 2009.01.14 Virus.Win32.Parite.d
Fortinet 3.117.0.0 2009.01.14 W32/Parite.B
GData 19 2009.01.14 Win32.Parite.D
Ikarus T3.1.1.45.0 2009.01.14 Backdoor.Rbot[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B]Kaspersky 7.0.0.125 2009.01.14 Virus.Win32.Parite.d
McAfee 5494 2009.01.13 W32/Pate.d
McAfee+Artemis 5494 2009.01.13 W32/Pate.d
Microsoft 1.4205 2009.01.14 Virus:Win32/Parite.D
NOD32 3763 2009.01.13 Win32/Parite.D
Norman 5.93.01 2009.01.13 W32/Spybot.BNKS
Panda 9.5.1.2 2009.01.13 Generic Malware[/B]
PCTools 4.4.2.0 2009.01.13 -
[B]Prevx1 V2 2009.01.14 Malicious Software
Rising 21.12.22.00 2009.01.14 Win32.Parite.d
SecureWeb-Gateway 6.7.6 2009.01.14 Win32.Parite
Sophos 4.37.0 2009.01.14 W32/Parite-A
Sunbelt 3.2.1831.2 2009.01.09 Backdoor.IRCBot
Symantec 10 2009.01.14 W32.Spybot.Worm[/B]
TheHacker 6.3.1.4.219 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.14 PE_PATE.D
VBA32 3.12.8.10 2009.01.13 Win32.Parite.D[/B]
ViRobot 2009.1.14.1558 2009.01.14 -
VirusBuster 4.5.11.0 2009.01.13 -[/QUOTE]
-
File autorun.exe received on 01.15.2009 04:56:27 (CET)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Trojan-PWS.Legmir!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.14 -
[B]AntiVir 7.9.0.54 2009.01.14 CC/UKMalw.LB
Authentium 5.1.0.4 2009.01.14 W32/Trojan.BWKV[/B]
Avast 4.8.1281.0 2009.01.14 -
[B]AVG 8.0.0.229 2009.01.14 Generic12.PHK[/B]
BitDefender 7.2 2009.01.15 -
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 Trojan.Agent-17889
Comodo 931 2009.01.14 TrojWare.Win32.PWS.Agent.AAA[/B]
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.14 Win32.Backdoor.EggDr
[/B]eTrust-Vet 31.6.6308 2009.01.15 -
[B]F-Prot 4.4.4.56 2009.01.14 W32/Trojan.BWKV[/B]
F-Secure 8.0.14470.0 2009.01.15 -
[B]Fortinet 3.117.0.0 2009.01.15 Generic.A!tr[/B]
GData 19 2009.01.15 -
[B]Ikarus T3.1.1.45.0 2009.01.15 Trojan-PWS.Legmir
K7AntiVirus 7.10.584 2009.01.09 Trojan-Spy.Win32.BZub.Family
[/B]Kaspersky 7.0.0.125 2009.01.15 -
[B]McAfee 5495 2009.01.14 Generic Packed
McAfee+Artemis 5495 2009.01.14 Generic Packed[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3767 2009.01.15 -
[B]Norman 5.93.01 2009.01.13 W32/Malware.dam[/B]
Panda 9.5.1.2 2009.01.14 -
[B]PCTools 4.4.2.0 2009.01.14 Trojan.Agent.EAPN
Prevx1 V2 2009.01.15 System Back Door[/B]
Rising 21.12.30.00 2009.01.15 -
[B]SecureWeb-Gateway 6.7.6 2009.01.15 Virus.UKMalw.LB[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Trojan-PWS.LegMir
Symantec 10 2009.01.15 Backdoor.EggDrop
TheHacker 6.3.1.4.220 2009.01.14 Trojan/Legmir.gen
TrendMicro 8.700.0.1004 2009.01.14 TROJ_LEGMIR.AL
VBA32 3.12.8.10 2009.01.14 Trojan.PWS.Legmir
ViRobot 2009.1.14.1559 2009.01.14 Trojan.Win32.PSWLmir.61440.C
VirusBuster 4.5.11.0 2009.01.14 Trojan.Agent.EAPN[/B][/QUOTE]
Additional information
File size: 61440 bytes
PEiD..: Armadillo v1.71
-
File autorun.inf
[QUOTE]File avz00001.dta received on 2009.01.15 12:06:46 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 19/39 (48.72%)
Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Trojan.Autorun.TE!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 BV:AutoRun-G
AVG 8.0.0.229 2009.01.15 Worm/AutoRun.BR
BitDefender 7.2 2009.01.15 Trojan.Autorun.TE[/B]
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 BAT.Autorun-8[/B]
Comodo 932 2009.01.15 -
[B][COLOR="Red"]DrWeb 4.44.0.09170 2009.01.15 -[/COLOR][/B]
eSafe 7.0.17.0 2009.01.14 -
[B]eTrust-Vet 31.6.6309 2009.01.15 INF/Hamweq[/B]
F-Prot 4.4.4.56 2009.01.14 -
[B]F-Secure 8.0.14470.0 2009.01.15 BAT/AutoRun.AE[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Trojan.Autorun.TE
Ikarus T3.1.1.45.0 2009.01.15 Trojan.Autorun.TE[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B][COLOR="Red"]Kaspersky 7.0.0.125 2009.01.15 -[/COLOR][/B]
[B]McAfee 5495 2009.01.14 Generic!atr
McAfee+Artemis 5495 2009.01.14 Generic!atr
Microsoft 1.4205 2009.01.15 Worm:Win32/Hamweq!inf[/B]
[COLOR="Red"][B]NOD32[/B] 3768 2009.01.15 -[/COLOR]
[B]Norman 5.93.01 2009.01.13 BAT/AutoRun.AE
nProtect 2009.1.8.0 2009.01.15 Trojan.Autorun.TE[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.14 -
Prevx1 V2 2009.01.15 -
Rising 21.12.32.00 2009.01.15 -
[COLOR="Red"][B]SecureWeb-Gateway 6.7.6 2009.01.15 -[/B][/COLOR]
[B]Sophos 4.37.0 2009.01.15 W32/HostInf-A[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
[COLOR="Red"][B]Symantec[/B] 10 2009.01.15 -[/COLOR]
[B]TheHacker 6.3.1.4.220 2009.01.14 Trojan/Small.autorun
TrendMicro 8.700.0.1004 2009.01.15 Mal_Otorun1[/B]
VBA32 3.12.8.10 2009.01.14 -
[B]ViRobot 2009.1.15.1560 2009.01.15 INF.Autorun.274.K[/B]
[B]VirusBuster 4.5.11.0 2009.01.14 INF.Autorun.Gen[/B][/QUOTE]
[size="1"][color="#666686"][B][I]Added 2 hours 9 minutes later[/I][/B][/color][/size]
File twex_exe received on 2009.01.15 14:17:59 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 19/39 (48.72%)
[QUOTE]
Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.15 -
[B]AhnLab-V3 2009.1.15.0 2009.01.15 Win32/IRCBot.worm.variant[/B]
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 Win32:Zbot-AVH
AVG 8.0.0.229 2009.01.15 Generic12.WWQ
BitDefender 7.2 2009.01.15 Backdoor.Bot.68054[/B]
CAT-QuickHeal 10.00 2009.01.15 -
[B]ClamAV 0.94.1 2009.01.15 Trojan.Zbot-2903[/B]
Comodo 932 2009.01.15 -
[B]DrWeb 4.44.0.09170 2009.01.15 Trojan.PWS.Panda.31[/B]
eSafe 7.0.17.0 2009.01.15 -
[B]eTrust-Vet 31.6.6309 2009.01.15 Win32/VMalum.EKDU[/B]
F-Prot 4.4.4.56 2009.01.14 -
F-Secure 8.0.14470.0 2009.01.15 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Backdoor.Bot.68054[/B]
Ikarus T3.1.1.45.0 2009.01.15 -
[B]K7AntiVirus 7.10.584 2009.01.09 Trojan-Spy.Win32.Zbot.hme[/B]
Kaspersky 7.0.0.125 2009.01.15 -
McAfee 5495 2009.01.14 -
McAfee+Artemis 5495 2009.01.14 -
[B]Microsoft 1.4205 2009.01.15 TrojanSpy:Win32/Zbot.gen!C
NOD32 3768 2009.01.15 a variant of Win32/Kryptik.DB
Norman 5.93.01 2009.01.13 W32/Malware.EQSW
nProtect 2009.1.8.0 2009.01.15 Trojan-Spy/W32.ZBot.148480[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.15 -
Prevx1 V2 2009.01.15 -
[B]Rising 21.12.32.00 2009.01.15 Trojan.Spy.Win32.Zbot.fak[/B]
SecureWeb-Gateway 6.7.6 2009.01.15 -
[B]Sophos 4.37.0 2009.01.15 Mal/Zbot-H[/B]
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.15 Infostealer.Banker.C
TheHacker 6.3.1.4.220 2009.01.14 Trojan/Spy.Zbot.hme[/B]
TrendMicro 8.700.0.1004 2009.01.15 -
[B]VBA32 3.12.8.10 2009.01.14 Trojan-Spy.Win32.Zbot.hme[/B]
ViRobot 2009.1.15.1560 2009.01.15 -
[B]VirusBuster 4.5.11.0 2009.01.14 TrojanSpy.ZBot.Gen!Pac.6[/B][/QUOTE]
[size="1"][color="#666686"][B][I]Added 1 minute later[/I][/B][/color][/size]
File pe044_sys received on 2009.01.15 14:15:44 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 12/39 (30.77%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Agent.VGV!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
AntiVir 7.9.0.54 2009.01.15 -
Authentium 5.1.0.4 2009.01.14 -
[B]Avast 4.8.1281.0 2009.01.14 Win32:Agent-VGV
AVG 8.0.0.229 2009.01.15 BackDoor.Ntrootkit.AM
BitDefender 7.2 2009.01.15 Trojan.Dropper.SFO[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.14 -
[B]F-Secure 8.0.14470.0 2009.01.15 Trojan-Dropper.Win32.Agent.stj[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Trojan.Dropper.SFO
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Agent.VGV[/B]
K7AntiVirus 7.10.584 2009.01.09 -
[B]Kaspersky 7.0.0.125 2009.01.15 Trojan-Dropper.Win32.Agent.stj[/B]
McAfee 5495 2009.01.14 -
McAfee+Artemis 5495 2009.01.14 -
Microsoft 1.4205 2009.01.15 -
NOD32 3768 2009.01.15 -
Norman 5.93.01 2009.01.13 -
[B]nProtect 2009.1.8.0 2009.01.15 Trojan.Dropper.SFO[/B]
Panda 9.5.1.2 2009.01.14 -
PCTools 4.4.2.0 2009.01.15 -
Prevx1 V2 2009.01.15 -
[B]Rising 21.12.32.00 2009.01.15 Dropper.Win32.Cutwail.t[/B]
SecureWeb-Gateway 6.7.6 2009.01.15 -
Sophos 4.37.0 2009.01.15 -
Sunbelt 3.2.1831.2 2009.01.09 -
[B]Symantec 10 2009.01.15 Trojan.Pandex[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 TROJ_DROPPER.AXR[/B]
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.14 -[/QUOTE]
-
File A0010364.exe received on 2009.01.15 19:57:03 (CET)
Current status: finished
Result: 18/38 (47.37%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Trojan!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.54 2009.01.15 Worm/SdBot.IW[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.15 Backdoor.Bot.8454[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.15 SuspiciousR-Mytob3[/B]
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.15 -
[B]Fortinet 3.117.0.0 2009.01.15 PossibleThreat
GData 19 2009.01.15 Backdoor.Bot.8454
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Trojan[/B]
[B]K7AntiVirus 7.10.584 2009.01.09 Backdoor.Win32.SdBot.AEGC[/B]
Kaspersky 7.0.0.125 2009.01.15 -
[B]McAfee 5496 2009.01.15 Generic.eb[/B]
[B]McAfee+Artemis 5496 2009.01.15 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3769 2009.01.15 -
Norman 5.93.01 2009.01.15 -
nProtect 2009.1.8.0 2009.01.15 -
[B]Panda 9.5.1.2 2009.01.14 W32/Gaobot.OXI.worm[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.15 System Back Door
Rising 21.12.32.00 2009.01.15 Backdoor.SdBot.syt
SecureWeb-Gateway 6.7.6 2009.01.15 Worm.SdBot.IW[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Backdoor.SDBot
Symantec 10 2009.01.15 W32.IRCBot[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 BKDR_SDBOT.EMK[/B]
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -
[/QUOTE]
File size: 3081895 bytes
PEiD..: -
File imcast.exe received on 2009.01.15 20:07:37 (CET)
Current status: finished
Result: 17/39 (43.59%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.15 Virus.Win32.Trojan!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.54 2009.01.15 Worm/SdBot.IW[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Trojan-gen {Other}[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.15 Backdoor.Bot.8454[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
[B]Comodo 932 2009.01.15 Unclassified Malware[/B]
DrWeb 4.44.0.09170 2009.01.15 -
[B]eSafe 7.0.17.0 2009.01.15 SuspiciousR-Mytob3[/B]
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.15 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.15 Backdoor.Bot.8454
Ikarus T3.1.1.45.0 2009.01.15 Virus.Win32.Trojan[/B]
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.15 -
McAfee 5496 2009.01.15 -
[B]McAfee+Artemis 5496 2009.01.15 Generic!Artemis[/B]
Microsoft 1.4205 2009.01.15 -
NOD32 3769 2009.01.15 -
[B]Norman 5.93.01 2009.01.15 W32/SDBot.AEGC
nProtect 2009.1.8.0 2009.01.15 Backdoor.Bot.8454
Panda 9.5.1.2 2009.01.14 W32/Gaobot.OXI.worm[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.15 System Back Door
Rising 21.12.32.00 2009.01.15 Backdoor.SdBot.syt
SecureWeb-Gateway 6.7.6 2009.01.15 Worm.SdBot.IW[/B]
Sophos 4.37.0 2009.01.15 -
[B]Sunbelt 3.2.1831.2 2009.01.09 Backdoor.SDBot
Symantec 10 2009.01.15 W32.IRCbot[/B]
TheHacker 6.3.1.4.220 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.15 -
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -[/QUOTE]
Additional information
File size: 2084864 bytes
PEiD..: Armadillo v1.71
-
File autochk.dll received on 01.16.2009 03:29:33 (CET)
Result: 10/39 (25.65%)
[CODE]
Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.16 -
AhnLab-V3 2009.1.15.0 2009.01.15 -
[B]AntiVir 7.9.0.55 2009.01.15 TR/Spy.Gen[/B]
Authentium 5.1.0.4 2009.01.15 -
[B]Avast 4.8.1281.0 2009.01.15 Win32:Spyware-gen[/B]
AVG 8.0.0.229 2009.01.15 -
[B]BitDefender 7.2 2009.01.16 Trojan.Generic.1275934[/B]
CAT-QuickHeal 10.00 2009.01.15 -
ClamAV 0.94.1 2009.01.15 -
Comodo 932 2009.01.15 -
DrWeb 4.44.0.09170 2009.01.15 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6309 2009.01.15 -
F-Prot 4.4.4.56 2009.01.15 -
F-Secure 8.0.14470.0 2009.01.16 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.16 Trojan.Generic.1275934[/B]
Ikarus T3.1.1.45.0 2009.01.16 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.16 -
McAfee 5496 2009.01.15 -
McAfee+Artemis 5496 2009.01.15 -
Microsoft 1.4205 2009.01.16 -
NOD32 3769 2009.01.15 -
[B]Norman 5.93.01 2009.01.15 W32/Malware.EVEF
nProtect 2009.1.8.0 2009.01.16 Trojan.Generic.1275934
Panda 9.5.1.2 2009.01.15 Generic Trojan[/B]
PCTools 4.4.2.0 2009.01.15 -
[B]Prevx1 V2 2009.01.16 Worm[/B]
Rising 21.12.32.00 2009.01.15 -
[B]SecureWeb-Gateway 6.7.6 2009.01.16 Trojan.Spy.Gen[/B]
Sophos 4.37.0 2009.01.16 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.16 -
TheHacker 6.3.1.4.220 2009.01.14 -
[B]TrendMicro 8.700.0.1004 2009.01.15 TSPY_AGENT.ZZR[/B]
VBA32 3.12.8.10 2009.01.14 -
ViRobot 2009.1.15.1560 2009.01.15 -
VirusBuster 4.5.11.0 2009.01.15 -
[/CODE]
Additional information
File size: 16384 bytes
-
File smspodmenka.jar received on 2009.01.16 16:01:13 (CET)
Current status: finished
Result: 10/39 (25.65%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.16 Trojan-SMS.J2ME.Swapi!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.16 -
AntiVir 7.9.0.55 2009.01.16 -
Authentium 5.1.0.4 2009.01.16 -
[B]Avast 4.8.1281.0 2009.01.16 Other:Malware-gen[/B]
AVG 8.0.0.229 2009.01.16 -
BitDefender 7.2 2009.01.16 -
CAT-QuickHeal 10.00 2009.01.16 -
ClamAV 0.94.1 2009.01.16 -
[B]Comodo 933 2009.01.16 TrojWare.J2ME.SMS.Swapi.c
DrWeb 4.44.0.09170 2009.01.16 Java.SMSSend.1[/B]
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6311 2009.01.16 -
F-Prot 4.4.4.56 2009.01.15 -
[B]F-Secure 8.0.14470.0 2009.01.16 Trojan-SMS.J2ME.Swapi.c[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.16 Other:Malware-gen
Ikarus T3.1.1.45.0 2009.01.16 Trojan-SMS.J2ME.Swapi[/B]
K7AntiVirus 7.10.593 2009.01.16 -
[B]Kaspersky 7.0.0.125 2009.01.16 Trojan-SMS.J2ME.Swapi.c[/B]
McAfee 5496 2009.01.15 -
McAfee+Artemis 5496 2009.01.15 -
[B]Microsoft 1.4205 2009.01.16 Trojan:Java/Swapi.C[/B]
NOD32 3771 2009.01.16 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.15 -
PCTools 4.4.2.0 2009.01.16 -
[B]Prevx1 V2 2009.01.16 Cloaked Malware[/B]
Rising 21.12.42.00 2009.01.16 -
SecureWeb-Gateway 6.7.6 2009.01.16 -
Sophos 4.37.0 2009.01.16 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.16 -
TheHacker 6.3.1.4.220 2009.01.14 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.16 -
ViRobot 2009.1.16.1562 2009.01.16 -
VirusBuster 4.5.11.0 2009.01.15 -[/QUOTE]
Additional information
File size: 4293 bytes
MD5...: 8c04cde53fbf4c00ed53c0ad3fd0d3e7
SHA1..: 8a802bb7b53c2e5353c5ec490ab963c423b85e97
SHA256: 7391c65fa3d89fa33f75933b6f4790982a2340719ca35a5f86cfd56b33555b93
SHA512: aafdfadad9e826c723f911760f5ae8bf661b24bcc11d455d55c224a84b86daab
9b0a44745f9a0ddf81b8088e2761158d9eca27f72abb629f058f4991c500b89e
ssdeep: 96:gcFXq9sIgtFSf9rph6w2TXX4qbvtmH+0vv/hXUhSi1YJ:gcFXEskH2TYAvIXn
/hINO
PEiD..: -
-
Another Trojan-SMS.J2ME.Swapi.c
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.18 -
AhnLab-V3 2009.1.15.0 2009.01.17 -
AntiVir 7.9.0.57 2009.01.17 -
Authentium 5.1.0.4 2009.01.17 -
[B]Avast 4.8.1281.0 2009.01.16 Other:Malware-gen[/B]
AVG 8.0.0.229 2009.01.17 -
BitDefender 7.2 2009.01.18 -
CAT-QuickHeal 10.00 2009.01.17 -
ClamAV 0.94.1 2009.01.18 -
Comodo 935 2009.01.18 -
DrWeb 4.44.0.09170 2009.01.18 -
eSafe 7.0.17.0 2009.01.15 -
eTrust-Vet 31.6.6312 2009.01.17 -
F-Prot 4.4.4.56 2009.01.17 -
[B]F-Secure 8.0.14470.0 2009.01.18 Trojan-SMS.J2ME.Swapi.c[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.18 Other:Malware-gen[/B]
Ikarus T3.1.1.45.0 2009.01.18 -
K7AntiVirus 7.10.594 2009.01.17 -
[B]Kaspersky 7.0.0.125 2009.01.18 Trojan-SMS.J2ME.Swapi.c[/B]
McAfee 5498 2009.01.17 -
McAfee+Artemis 5498 2009.01.17 -
[B]Microsoft 1.4205 2009.01.18 Trojan:Java/Swapi.C[/B]
NOD32 3774 2009.01.17 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.18 -
PCTools 4.4.2.0 2009.01.18 -
Prevx1 V2 2009.01.18 -
Rising 21.12.62.00 2009.01.18 -
SecureWeb-Gateway 6.7.6 2009.01.17 -
Sophos 4.37.0 2009.01.18 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.18 -
TheHacker 6.3.1.5.222 2009.01.17 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.17 -
ViRobot 2009.1.17.1563 2009.01.17 -
VirusBuster 4.5.11.0 2009.01.17 -[/CODE]
[B]Additional information[/B]
File size: 270636 bytes
MD5...: 92155ab7dffbdbb37a2169d5636d1bb9
SHA1..: da0552b3bdd38e6387d1b5d683a1575accfb51f7
SHA256: 7d3045aa6ad2cf61c62be16f77e2b4f0a94d0540788f3a2e9153bda802323b13
SHA512: 48b1a85bdc78cd0d8c3510293b0f7d9c566468b2e32d1bc59b0625136bbcefcb
0aed2771a7cd51c3a545bad1211b180a00fd9278e0c07c8f36888edab34a59d5
ssdeep: 6144:QTNF0BUjiQAIqDSwI6vI3/IRKyXWXDLeNLU29JCZEvVBuNN4y7WLbUz1:Qx
F0BUjVAIqDSP6K/E2DKNAJEvKNN4y1
PEiD..: -
TrID..: File type identification
ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: -
packers (Kaspersky): PE_Patch