-
File [B]sieft.jar[/B] received on 01.18.2009 17:25:24 (CET)
Result: 4/39 (10.26%)
[CODE]
Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.18 -
AhnLab-V3 2009.1.15.0 2009.01.17 -
AntiVir 7.9.0.57 2009.01.18 -
Authentium 5.1.0.4 2009.01.17 -
Avast 4.8.1281.0 2009.01.16 -
AVG 8.0.0.229 2009.01.18 -
BitDefender 7.2 2009.01.18 -
CAT-QuickHeal 10.00 2009.01.17 -
ClamAV 0.94.1 2009.01.18 -
Comodo 935 2009.01.18 -
[B]DrWeb 4.44.0.09170 2009.01.18 Java.SMSSend.16[/B]
eSafe 7.0.17.0 2009.01.18 -
eTrust-Vet 31.6.6312 2009.01.17 -
F-Prot 4.4.4.56 2009.01.17 -
[B]F-Secure 8.0.14470.0 2009.01.18 Trojan-SMS.J2ME.Swapi.e[/B]
Fortinet 3.117.0.0 2009.01.15 -
GData 19 2009.01.18 -
Ikarus T3.1.1.45.0 2009.01.18 -
K7AntiVirus 7.10.594 2009.01.17 -
[B]Kaspersky 7.0.0.125 2009.01.18 Trojan-SMS.J2ME.Swapi.e[/B]
McAfee 5499 2009.01.18 -
McAfee+Artemis 5499 2009.01.18 -
[B]Microsoft 1.4205 2009.01.18 Trojan:Java/Swapi.D[/B]
NOD32 3774 2009.01.17 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.18 -
PCTools 4.4.2.0 2009.01.18 -
Prevx1 V2 2009.01.18 -
Rising 21.12.62.00 2009.01.18 -
SecureWeb-Gateway 6.7.6 2009.01.18 -
Sophos 4.37.0 2009.01.18 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.18 -
TheHacker 6.3.1.5.222 2009.01.17 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.18 -
ViRobot 2009.1.17.1563 2009.01.17 -
VirusBuster 4.5.11.0 2009.01.18 -
[/CODE]
Additional information
File size: 7344 bytes
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
File [B]icq_2oo9.jar[/B] received on 01.18.2009 17:19:41 (CET)
Result: 9/39 (23.08%)
[CODE]
Antivirus Version Last Update Result
[B]a-squared 4.0.0.73 2009.01.18 Trojan-SMS.J2ME.Swapi!IK[/B]
AhnLab-V3 2009.1.15.0 2009.01.17 -
AntiVir 7.9.0.57 2009.01.18 -
Authentium 5.1.0.4 2009.01.17 -
[B]Avast 4.8.1281.0 2009.01.16 Other:Malware-gen[/B]
AVG 8.0.0.229 2009.01.18 -
BitDefender 7.2 2009.01.18 -
CAT-QuickHeal 10.00 2009.01.17 -
ClamAV 0.94.1 2009.01.18 -
[B]Comodo 935 2009.01.18 TrojWare.J2ME.SMS.Swapi.c
DrWeb 4.44.0.09170 2009.01.18 Java.SMSSend.1
eSafe 7.0.17.0 2009.01.18 Suspicious File[/B]
eTrust-Vet 31.6.6312 2009.01.17 -
F-Prot 4.4.4.56 2009.01.17 -
[B]F-Secure 8.0.14470.0 2009.01.18 Trojan-SMS.J2ME.Swapi.c[/B]
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.18 Other:Malware-gen
Ikarus T3.1.1.45.0 2009.01.18 Trojan-SMS.J2ME.Swapi[/B]
K7AntiVirus 7.10.594 2009.01.17 -
Kaspersky 7.0.0.125 2009.01.18 -
McAfee 5499 2009.01.18 -
McAfee+Artemis 5499 2009.01.18 -
Microsoft None 2009.01.18 -
NOD32 3774 2009.01.17 -
Norman 5.93.01 2009.01.16 -
nProtect 2009.1.8.0 2009.01.16 -
Panda 9.5.1.2 2009.01.18 -
PCTools 4.4.2.0 2009.01.18 -
[B]Prevx1 V2 2009.01.18 Cloaked Malware[/B]
Rising 21.12.62.00 2009.01.18 -
SecureWeb-Gateway 6.7.6 2009.01.18 -
Sophos 4.37.0 2009.01.18 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.18 -
TheHacker 6.3.1.5.222 2009.01.17 -
TrendMicro 8.700.0.1004 2009.01.16 -
VBA32 3.12.8.10 2009.01.18 -
ViRobot 2009.1.17.1563 2009.01.17 -
VirusBuster 4.5.11.0 2009.01.18 -
[/CODE]
Additional information
File size: 399289 bytes
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
-
Файл twext.exe получен 2009.01.19 14:06:45 (CET)
Текущий статус:
Результат: 10/39 (25.65%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.19 -
[B]AhnLab-V3 2009.1.15.0 2009.01.19 Win-Trojan/Zbot.60416[/B]
AntiVir 7.9.0.57 2009.01.19 -
Authentium 5.1.0.4 2009.01.18 -
[B]Avast 4.8.1281.0 2009.01.18 Win32:Zbot-AXP
AVG 8.0.0.229 2009.01.19 Win32/Cryptor
BitDefender 7.2 2009.01.19 MemScan:Trojan.Spy.ZBot.MK[/B]
CAT-QuickHeal 10.00 2009.01.19 -
ClamAV 0.94.1 2009.01.19 -
Comodo 937 2009.01.19 -
DrWeb 4.44.0.09170 2009.01.19 -
eSafe 7.0.17.0 2009.01.19 -
eTrust-Vet 31.6.6315 2009.01.19 -
F-Prot 4.4.4.56 2009.01.18 -
F-Secure 8.0.14470.0 2009.01.19 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.19 MemScan:Trojan.Spy.ZBot.MK[/B]
Ikarus T3.1.1.45.0 2009.01.19 -
K7AntiVirus 7.10.594 2009.01.17 -
Kaspersky 7.0.0.125 2009.01.19 -
McAfee 5499 2009.01.18 -
McAfee+Artemis 5499 2009.01.18 -
[B]Microsoft 1.4205 2009.01.19 Trojan:Win32/Zbot.BX
NOD32 3777 2009.01.19 a variant of Win32/Kryptik.FH[/B]
Norman 5.93.01 2009.01.16 -
[B]nProtect 2009.1.8.0 2009.01.19 Trojan.Spy.ZBot.PE[/B]
Panda 9.5.1.2 2009.01.19 -
PCTools 4.4.2.0 2009.01.19 -
Prevx1 V2 2009.01.19 -
Rising 21.13.02.00 2009.01.19 -
SecureWeb-Gateway 6.7.6 2009.01.19 -
Sophos 4.37.0 2009.01.19 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.19 -
TheHacker 6.3.1.5.223 2009.01.18 -
[B]TrendMicro 8.700.0.1004 2009.01.19 TSPY_ZBOT.CAR[/B]
VBA32 3.12.8.10 2009.01.18 -
ViRobot 2009.1.19.1565 2009.01.19 -
[B]VirusBuster 4.5.11.0 2009.01.18 TrojanSpy.ZBot.Gen!Pac.7[/B][/QUOTE]
-
Файл dwr получен 2009.01.20 08:10:59 (CET)
Текущий статус: закончено
Результат: 9/39 (23.08%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.20 -
AhnLab-V3 2009.1.20.1 2009.01.20 -
[B]AntiVir 7.9.0.57 2009.01.19 EXP/Pidief.IM.1[/B]
Authentium 5.1.0.4 2009.01.19 -
[B]Avast 4.8.1281.0 2009.01.19 JS:Pdfka-AD[/B]
AVG 8.0.0.229 2009.01.20 -
[B]BitDefender 7.2 2009.01.20 Exploit.PDF-JS.Gen.C03[/B]
CAT-QuickHeal 10.00 2009.01.20 -
ClamAV 0.94.1 2009.01.19 -
Comodo 937 2009.01.19 -
[B]DrWeb 4.44.0.09170 2009.01.20 Exploit.PDF.55[/B]
eSafe 7.0.17.0 2009.01.19 -
eTrust-Vet 31.6.6315 2009.01.19 -
F-Prot 4.4.4.56 2009.01.19 -
F-Secure 8.0.14470.0 2009.01.20 -
Fortinet 3.117.0.0 2009.01.15 -
[B]GData 19 2009.01.20 JS:Pdfka-AD [/B]
Ikarus T3.1.1.45.0 2009.01.20 -
K7AntiVirus 7.10.595 2009.01.19 -
Kaspersky 7.0.0.125 2009.01.20 -
McAfee 5500 2009.01.19 -
McAfee+Artemis 5500 2009.01.19 -
[B]Microsoft 1.4205 2009.01.20 Exploit:JS/Mult.BC[/B]
NOD32 3779 2009.01.19 -
Norman 5.93.01 2009.01.19 -
[B]nProtect 2009.1.8.0 2009.01.20 Exploit.PDF-JS.Gen.C03[/B]
Panda 9.5.1.2 2009.01.19 -
PCTools 4.4.2.0 2009.01.19 -
Prevx1 V2 2009.01.20 -
Rising 21.13.11.00 2009.01.20 -
[B]SecureWeb-Gateway 6.7.6 2009.01.19 Exploit.Pidief.IM.1[/B]
Sophos 4.37.0 2009.01.20 -
Sunbelt 3.2.1835.2 2009.01.16 -
[B]Symantec 10 2009.01.20 Bloodhound.Exploit.196[/B]
TheHacker 6.3.1.5.224 2009.01.20 -
TrendMicro 8.700.0.1004 2009.01.20 -
VBA32 3.12.8.10 2009.01.19 -
ViRobot 2009.1.20.1567 2009.01.20 -
VirusBuster 4.5.11.0 2009.01.19 -[/QUOTE]
Дополнительная информация
File size: 3531 bytes
PEiD..: -
-
Файл mycentrialinstall_exe получен 2009.01.20 09:03:23 (CET)
Текущий статус:
Результат: 2/38 (5.27%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.20 -
AhnLab-V3 5.0.0.2 2009.01.20 -
AntiVir 7.9.0.57 2009.01.19 -
Authentium 5.1.0.4 2009.01.19 -
Avast 4.8.1281.0 2009.01.19 -
AVG 8.0.0.229 2009.01.20 -
BitDefender 7.2 2009.01.20 -
CAT-QuickHeal 10.00 2009.01.20 -
ClamAV 0.94.1 2009.01.19 -
Comodo 937 2009.01.19 -
[B]DrWeb 4.44.0.09170 2009.01.20 Trojan.Mycentria.22[/B]
eSafe 7.0.17.0 2009.01.19 -
eTrust-Vet 31.6.6315 2009.01.19 -
F-Prot 4.4.4.56 2009.01.19 -
F-Secure 8.0.14470.0 2009.01.20 -
Fortinet 3.117.0.0 2009.01.15 -
GData 19 2009.01.20 -
Ikarus T3.1.1.45.0 2009.01.20 -
K7AntiVirus 7.10.595 2009.01.19 -
Kaspersky 7.0.0.125 2009.01.20 -
McAfee 5500 2009.01.19 -
McAfee+Artemis 5500 2009.01.19 -
Microsoft 1.4205 2009.01.20 -
NOD32 3779 2009.01.19 -
Norman 5.93.01 2009.01.19 -
nProtect 2009.1.8.0 2009.01.20 -
Panda 9.5.1.2 2009.01.19 -
PCTools 4.4.2.0 2009.01.19 -
[B]Prevx1 V2 2009.01.20 Malicious Software[/B]
Rising 21.13.11.00 2009.01.20 -
SecureWeb-Gateway 6.7.6 2009.01.20 -
Sophos 4.37.0 2009.01.20 -
Sunbelt 3.2.1835.2 2009.01.16 -
TheHacker 6.3.1.5.224 2009.01.20 -
TrendMicro 8.700.0.1004 2009.01.20 -
VBA32 3.12.8.10 2009.01.19 -
ViRobot 2009.1.20.1567 2009.01.20 -
VirusBuster 4.5.11.0 2009.01.19 -[/QUOTE]
-
Arrived via Skype :blink:
Файл Appetite.exe получен 2009.01.20 13:05:32 (CET)
Текущий статус: закончено
Результат: 7/39 (17.95%)
Антивирус Версия Обновление Результат
[QUOTE]a-squared 4.0.0.73 2009.01.20 -
AhnLab-V3 5.0.0.2 2009.01.20 -
AntiVir 7.9.0.57 2009.01.20 -
Authentium 5.1.0.4 2009.01.19 -
Avast 4.8.1281.0 2009.01.20 -
[B]AVG 8.0.0.229 2009.01.20 VB.GCS[/B]
BitDefender 7.2 2009.01.20 -
CAT-QuickHeal 10.00 2009.01.20 -
ClamAV 0.94.1 2009.01.19 -
Comodo 939 2009.01.20 -
[B]DrWeb 4.44.0.09170 2009.01.20 Trojan.PWS.LDPinch.4182[/B]
eSafe 7.0.17.0 2009.01.19 -
eTrust-Vet 31.6.6317 2009.01.20 -
F-Prot 4.4.4.56 2009.01.19 -
F-Secure 8.0.14470.0 2009.01.20 -
Fortinet 3.117.0.0 2009.01.15 -
GData 19 2009.01.20 -
Ikarus T3.1.1.45.0 2009.01.20 -
K7AntiVirus 7.10.596 2009.01.20 -
Kaspersky 7.0.0.125 2009.01.20 -
McAfee 5500 2009.01.19 -
McAfee+Artemis 5500 2009.01.19 -
[B]Microsoft 1.4205 2009.01.20 VirTool:Win32/Vbinder.P
NOD32 3780 2009.01.20 a variant of Win32/Injector.GZ[/B]
Norman 5.93.01 2009.01.19 -
[B]nProtect 2009.1.8.0 2009.01.20 Backdoor/W32.Poison.44132[/B]
Panda 9.5.1.2 2009.01.19 -
PCTools 4.4.2.0 2009.01.20 -
[B]Prevx1 V2 2009.01.20 Malicious Software[/B]
Rising 21.13.11.00 2009.01.20 -
SecureWeb-Gateway 6.7.6 2009.01.20 -
Sophos 4.37.0 2009.01.20 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.20 -
TheHacker 6.3.1.5.224 2009.01.20 -
TrendMicro 8.700.0.1004 2009.01.20 -
VBA32 3.12.8.10 2009.01.19 -
[B]ViRobot 2009.1.20.1569 2009.01.20 Backdoor.Win32.Poison.85092[/B]
VirusBuster 4.5.11.0 2009.01.19 -[/QUOTE]
Дополнительная информация
File size: 94808 bytes
PEiD..: -
-
Файл nppr.dll получен 2009.01.22 09:24:51 (CET)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.22 Backdoor.Win32.Bifrose!IK
AhnLab-V3 2009.1.22.2 2009.01.22 Win-Trojan/Mailfinder.17408
AntiVir 7.9.0.57 2009.01.22 TR/Vundo.Gen[/B]
Authentium 5.1.0.4 2009.01.22 -
Avast 4.8.1281.0 2009.01.21 -
[B]AVG 8.0.0.229 2009.01.22 Win32/Heur
BitDefender 7.2 2009.01.22 MemScan:Trojan.MailFinder.B[/B]
CAT-QuickHeal 10.00 2009.01.22 -
ClamAV 0.94.1 2009.01.22 -
Comodo 940 2009.01.21 -
DrWeb 4.44.0.09170 2009.01.22 -
[B]eSafe 7.0.17.0 2009.01.20 Win32.heur[/B]
eTrust-Vet 31.6.6321 2009.01.22 -
F-Prot 4.4.4.56 2009.01.21 -
F-Secure 8.0.14470.0 2009.01.22 -
Fortinet 3.117.0.0 2009.01.22 -
[B]GData 19 2009.01.22 MemScan:Trojan.MailFinder.B
Ikarus T3.1.1.45.0 2009.01.22 Backdoor.Win32.Bifrose
K7AntiVirus 7.10.599 2009.01.22 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.01.22 -
McAfee 5502 2009.01.21 -
[B]McAfee+Artemis 5502 2009.01.21 Generic!Artemis
Microsoft 1.4205 2009.01.22 PWS:Win32/Finsgra.A[/B]
NOD32 3787 2009.01.22 -
[B]Norman 5.93.01 2009.01.21 W32/Virtumonde.AKHD
nProtect 2009.1.8.0 2009.01.22 MemScan:Trojan.MailFinder.B[/B]
Panda 9.5.1.2 2009.01.21 -
PCTools 4.4.2.0 2009.01.21 -
[B]Prevx1 V2 2009.01.22 Worm[/B]
Rising 21.13.32.00 2009.01.22 -
[B]SecureWeb-Gateway 6.7.6 2009.01.22 Trojan.Vundo.Gen[/B]
Sophos 4.37.0 2009.01.22 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.22 -
TheHacker 6.3.1.5.225 2009.01.21 -
[B]TrendMicro 8.700.0.1004 2009.01.22 PAK_Generic.001[/B]
VBA32 3.12.8.10 2009.01.22 -
ViRobot 2009.1.22.1573 2009.01.22 -
VirusBuster 4.5.11.0 2009.01.21 -[/QUOTE]
Дополнительная информация
File size: 17408 bytes
MD5...: d88540b8d78ec22660b6372d26b6d81f
SHA1..: be18d8f8d8ff020e8c1c982b1f4b07271693dc8f
[I]nppr.dll - Trojan-Mailfinder.Win32.Agent.xu
Detection of the files will be added in the next update.[/I]
-
Файл autorun2.inf.tmp получен 2009.01.22 18:20:26 (CET)
Текущий статус: закончено
Результат: 23/39 (58.98%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.22 Worm.Win32.AutoRun!IK[/B]
AhnLab-V3 5.0.0.2 2009.01.22 -
[B]AntiVir 7.9.0.57 2009.01.22 TR/Spy.179[/B]
Authentium 5.1.0.4 2009.01.22 -
[B]Avast 4.8.1281.0 2009.01.22 VBS:Malware-gen
AVG 8.0.0.229 2009.01.22 Worm/Small.2.D[/B]
BitDefender 7.2 2009.01.22 -
CAT-QuickHeal 10.00 2009.01.22 -
ClamAV 0.94.1 2009.01.22 -
[B]Comodo 942 2009.01.22 Backdoor.Win32.Delf.AWS
DrWeb 4.44.0.09170 2009.01.22 Win32.HLLW.Autoruner[/B]
eSafe 7.0.17.0 2009.01.22 -
[B]eTrust-Vet 31.6.6321 2009.01.22 INF/Liphew[/B]
F-Prot 4.4.4.56 2009.01.21 -
[B]F-Secure 8.0.14470.0 2009.01.22 Worm.Win32.AutoRun.dms[/B]
Fortinet 3.117.0.0 2009.01.22 -
[B]GData 19 2009.01.22 VBS:Malware-gen
Ikarus T3.1.1.45.0 2009.01.22 Worm.Win32.AutoRun[/B]
K7AntiVirus 7.10.599 2009.01.22 -
[B]Kaspersky 7.0.0.125 2009.01.22 Worm.Win32.AutoRun.dms
McAfee 5502 2009.01.21 Generic!atr[/B]
[B]McAfee+Artemis 5502 2009.01.21 Generic!atr
Microsoft 1.4205 2009.01.22 Worm:Win32/Autorun!inf
NOD32 3790 2009.01.22 Win32/Delf.AWS[/B]
Norman 5.93.01 2009.01.22 Autorun.NY
nProtect 2009.1.8.0 2009.01.22 -
[B]Panda 9.5.1.2 2009.01.21 Bck/Hupigon.LEO[/B]
PCTools 4.4.2.0 2009.01.22 -
Prevx1 V2 2009.01.22 -
Rising 21.13.32.00 2009.01.22 -
[B]SecureWeb-Gateway 6.7.6 2009.01.22 Trojan.Spy.179
Sophos 4.37.0 2009.01.22 W32/SillyFDC-AV
Sunbelt 3.2.1835.2 2009.01.16 INF.Autorun (v)[/B]
Symantec 10 2009.01.22 -
TheHacker 6.3.1.5.225 2009.01.21 -
[B]TrendMicro 8.700.0.1004 2009.01.22 Mal_Otorun1
VBA32 3.12.8.11 2009.01.22 Trojan.Autorun.gen
ViRobot 2009.1.22.1574 2009.01.22 INF.Autorun.186.D[/B]
VirusBuster 4.5.11.0 2009.01.22 -[/QUOTE]
Дополнительная информация
File size: 186 bytes
PEiD..: -
TrID..: File type identification
Generic INI configuration (100.0%)
PEInfo: -
-
Файл wxilib.dll получен 2009.01.23 09:11:41 (CET)
Результат: 6/39 (15.39%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.23 Trojan-Ransom!IK[/B]
AhnLab-V3 5.0.0.2 2009.01.23 -
AntiVir 7.9.0.60 2009.01.22 -
Authentium 5.1.0.4 2009.01.22 -
Avast 4.8.1281.0 2009.01.22 -
[B]AVG 8.0.0.229 2009.01.22 Adload_r.GK[/B]
BitDefender 7.2 2009.01.23 -
CAT-QuickHeal 10.00 2009.01.23 -
ClamAV 0.94.1 2009.01.23 -
Comodo 942 2009.01.22 -
[B]DrWeb 4.44.0.09170 2009.01.23 Trojan.Blackmailer.origin[/B]
eSafe 7.0.17.0 2009.01.22 -
eTrust-Vet 31.6.6323 2009.01.23 -
[B]F-Prot 4.4.4.56 2009.01.22 W32/Hexzone.B.gen!Eldorado[/B]
F-Secure 8.0.14470.0 2009.01.23 -
Fortinet 3.117.0.0 2009.01.23 -
GData 19 2009.01.23 -
[B]Ikarus T3.1.1.45.0 2009.01.23 Trojan-Ransom[/B]
K7AntiVirus 7.10.601 2009.01.22 -
Kaspersky 7.0.0.125 2009.01.23 -
McAfee 5503 2009.01.22 -
McAfee+Artemis 5503 2009.01.22 -
Microsoft 1.4205 2009.01.23 -
NOD32 3791 2009.01.22 -
Norman 5.93.01 2009.01.22 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.22 -
PCTools 4.4.2.0 2009.01.22 -
[B]Prevx1 V2 2009.01.23 Fraudulent Security Program[/B]
Rising 21.13.41.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.23 -
Sophos 4.37.0 2009.01.23 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.23 -
TheHacker 6.3.1.5.226 2009.01.22 -
TrendMicro 8.700.0.1004 2009.01.23 -
VBA32 3.12.8.11 2009.01.22 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.22 -[/QUOTE]
Дополнительная информация
File size: 323584 bytes
PEiD..: -
TrID..: File type identification
DirectShow filter (77.7%)
Win32 Executable MS Visual C++ (generic) (14.5%)
Win32 Executable Generic (3.2%)
Win32 Dynamic Link Library (generic) (2.9%)
Generic Win/DOS Executable (0.7%)
-
Файл live.gif получен 2009.01.23 12:03:01 (CET)
Текущий статус: закончено
Результат: 7/39 (17.95%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.73 2009.01.23 Trojan.HTML.IFrame!IK[/B]
AhnLab-V3 5.0.0.2 2009.01.23 -
[B]AntiVir 7.9.0.60 2009.01.23 HTML/IFrame.AC[/B]
Authentium 5.1.0.4 2009.01.22 -
Avast 4.8.1281.0 2009.01.22 -
AVG 8.0.0.229 2009.01.23 -
BitDefender 7.2 2009.01.23 -
CAT-QuickHeal 10.00 2009.01.23 -
ClamAV 0.94.1 2009.01.23 -
[B]Comodo 943 2009.01.23 TrojWare.HTML.IFrame.ac[/B]
DrWeb 4.44.0.09170 2009.01.23 -
eSafe 7.0.17.0 2009.01.22 -
eTrust-Vet 31.6.6322 2009.01.23 -
F-Prot 4.4.4.56 2009.01.22 -
[B]F-Secure 8.0.14470.0 2009.01.23 Trojan.HTML.IFrame.ac[/B]
Fortinet 3.117.0.0 2009.01.23 -
GData 19 2009.01.23 -
[B]Ikarus T3.1.1.45.0 2009.01.23 Trojan.HTML.IFrame[/B]
K7AntiVirus 7.10.601 2009.01.22 -
[B]Kaspersky 7.0.0.125 2009.01.23 Trojan.HTML.IFrame.ac[/B]
McAfee 5503 2009.01.22 -
McAfee+Artemis 5503 2009.01.22 -
Microsoft 1.4205 2009.01.23 -
NOD32 3792 2009.01.23 -
Norman 5.93.01 2009.01.23 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.23 -
PCTools 4.4.2.0 2009.01.22 -
Prevx1 V2 2009.01.23 -
Rising 21.13.41.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.23 Script.IFrame.AC[/B]
Sophos 4.37.0 2009.01.23 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.23 -
TheHacker 6.3.1.5.226 2009.01.22 -
TrendMicro 8.700.0.1004 2009.01.23 -
VBA32 3.12.8.11 2009.01.22 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.22 -[/QUOTE]
Дополнительная информация
File size: 282 bytes
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
-
Could also be a false positive. This is from the "Help!" section
[url]http://virusinfo.info/showthread.php?t=38257[/url]
Файл avz00002.dta получен 2009.01.26 13:30:50 (CET)
[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.26 -
AhnLab-V3 5.0.0.2 2009.01.26 -
[B]AntiVir 7.9.0.60 2009.01.26 TR/ATRAPS.Gen [/B]
Authentium 5.1.0.4 2009.01.26 -
Avast 4.8.1281.0 2009.01.25 -
AVG 8.0.0.229 2009.01.26 -
BitDefender 7.2 2009.01.26 -
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.26 -
Comodo 947 2009.01.26 -
DrWeb 4.44.0.09170 2009.01.26 -
[B]eSafe 7.0.17.0 2009.01.25 Suspicious File [/B]
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.25 -
F-Secure 8.0.14470.0 2009.01.26 -
Fortinet 3.117.0.0 2009.01.25 -
GData 19 2009.01.26 -
Ikarus T3.1.1.45.0 2009.01.26 -
K7AntiVirus 7.10.604 2009.01.24 -
Kaspersky 7.0.0.125 2009.01.26 -
McAfee 5506 2009.01.25 -
McAfee+Artemis 5506 2009.01.25 -
Microsoft 1.4205 2009.01.26 -
NOD32 3800 2009.01.26 -
Norman 5.93.01 2009.01.26 -
nProtect 2009.1.8.0 2009.01.26 -
Panda 9.5.1.2 2009.01.26 -
PCTools 4.4.2.0 2009.01.26 -
Prevx1 V2 2009.01.26 -
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.26 Trojan.ATRAPS.Gen[/B]
Sophos 4.37.0 2009.01.26 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.26 -
TheHacker 6.3.1.5.229 2009.01.26 -
[B]TrendMicro 8.700.0.1004 2009.01.26 PAK_Generic.005[/B]
VBA32 3.12.8.11 2009.01.25 -
ViRobot 2009.1.23.1577 2009.01.26 -
VirusBuster 4.5.11.0 2009.01.25
[/CODE]
Reply from Kaspersky Lab:
[B]dpsec.dll - Trojan.Win32.Agent.bkzf[/B]
New malicious software was found in this file. Its detection will be included in the next update. Thank you for your help.
-
Taken from a flash drive:
Файл abra.rar получен 2009.01.26 14:59:23 (CET)
Текущий статус: закончено
Результат: 9/39 (23.08%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.26 -
AhnLab-V3 5.0.0.2 2009.01.26 -
AntiVir 7.9.0.60 2009.01.26 -
Authentium 5.1.0.4 2009.01.26 -
Avast 4.8.1281.0 2009.01.25 -
[B]AVG 8.0.0.229 2009.01.26 Worm/Generic_c.ZW[/B]
BitDefender 7.2 2009.01.26 -
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.26 -
[B]Comodo 947 2009.01.26 Worm.Win32.AutoRun.etg
DrWeb 4.44.0.09170 2009.01.26 Win32.HLLW.Shadow[/B]
eSafe 7.0.17.0 2009.01.26 -
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.25 -
F-Secure 8.0.14470.0 2009.01.26 -
Fortinet 3.117.0.0 2009.01.25 -
GData 19 2009.01.26 -
Ikarus T3.1.1.45.0 2009.01.26 -
K7AntiVirus 7.10.606 2009.01.26 -
[B]Kaspersky 7.0.0.125 2009.01.26 Worm.Win32.AutoRun.etg[/B]
McAfee 5506 2009.01.25 -
McAfee+Artemis 5506 2009.01.25 -
[B]Microsoft 1.4205 2009.01.26 Worm:Win32/Conficker.B!inf[/B]
NOD32 3800 2009.01.26 -
Norman 5.93.01 2009.01.26 -
nProtect 2009.1.8.0 2009.01.26 -
[B]Panda 9.5.1.2 2009.01.26 W32/Conficker.C.worm[/B]
PCTools 4.4.2.0 2009.01.26 -
Prevx1 V2 2009.01.26 -
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.26 -
Sophos 4.37.0 2009.01.26 Mal/ConfInf-A
Sunbelt 3.2.1835.2 2009.01.16 -
[B]Symantec 10 2009.01.26 W32.Downadup!autorun[/B]
TheHacker 6.3.1.5.229 2009.01.26 -
TrendMicro 8.700.0.1004 2009.01.26 -
VBA32 3.12.8.11 2009.01.25 -
ViRobot 2009.1.23.1577 2009.01.26 -
[B]VirusBuster 4.5.11.0 2009.01.25 INF.Conficker.F[/B][/QUOTE]
Дополнительная информация
File size: 29608 bytes
PEiD..: -
Файл jwgkvsq.rar получен 2009.01.26 15:00:46 (CET)
Текущий статус: закончено
Результат: 25/38 (65.79%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.26 -
AhnLab-V3 5.0.0.2 2009.01.26 -
[B]AntiVir 7.9.0.60 2009.01.26 TR/Dropper.Gen[/B]
[B]Authentium 5.1.0.4 2009.01.26 W32/Conficker!Generic
Avast 4.8.1281.0 2009.01.25 Win32:Confi
AVG 8.0.0.229 2009.01.26 Worm/Downadup
BitDefender 7.2 2009.01.26 Win32.Worm.Downadup.Gen
CAT-QuickHeal 10.00 2009.01.24 Win32.Net-Worm.Kido.ih.3.Pack[/B]
ClamAV 0.94.1 2009.01.26 -
Comodo 947 2009.01.26 -
[B]DrWeb 4.44.0.09170 2009.01.26 Win32.HLLW.Shadow.based
eSafe 7.0.17.0 2009.01.26 Suspicious File[/B]
eTrust-Vet 31.6.6325 2009.01.24 -
[B]F-Prot 4.4.4.56 2009.01.25 W32/Conficker!Generic[/B]
F-Secure 8.0.14470.0 2009.01.26 -
Fortinet 3.117.0.0 2009.01.25 -
[B]GData 19 2009.01.26 Win32.Worm.Downadup.Gen
Ikarus T3.1.1.45.0 2009.01.26 Net-Worm.Win32.Kido
K7AntiVirus 7.10.606 2009.01.26 Net-Worm.Win32.Kido.ih
Kaspersky 7.0.0.125 2009.01.26 Net-Worm.Win32.Kido.ih
McAfee 5506 2009.01.25 W32/Conficker.worm.gen.a
McAfee+Artemis 5506 2009.01.25 W32/Conficker.worm.gen.a
Microsoft 1.4205 2009.01.26 Worm:Win32/Conficker.B
NOD32 3800 2009.01.26 a variant of Win32/Conficker.AE
nProtect 2009.1.8.0 2009.01.26 Win32.Worm.Downadup.Gen
Panda 9.5.1.2 2009.01.26 W32/Conficker.C.worm[/B]
PCTools 4.4.2.0 2009.01.26 -
Prevx1 V2 2009.01.26 Worm
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.26 Trojan.Dropper.Gen[/B]
Sophos 4.37.0 2009.01.26 -
Sunbelt 3.2.1835.2 2009.01.16 -
[B]Symantec 10 2009.01.26 W32.Downadup.B[/B]
TheHacker 6.3.1.5.229 2009.01.26 -
[B]TrendMicro 8.700.0.1004 2009.01.26 WORM_DOWNAD.AD
VBA32 3.12.8.11 2009.01.25 Net-Worm.Win32.Kido.ih[/B]
ViRobot 2009.1.23.1577 2009.01.26 -
[B]VirusBuster 4.5.11.0 2009.01.25 Trojan.Conficker.Gen!Pac[/B][/QUOTE]
Дополнительная информация
File size: 165435 bytes
PEiD..: -
-
Файл in.php получен 2009.01.27 19:47:31 (CET)
Текущий статус: закончено
Результат: 5/39 (12.83%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.73 2009.01.27 -
AhnLab-V3 5.0.0.2 2009.01.26 -
[B]AntiVir 7.9.0.60 2009.01.27 HTML/Crypted.Gen[/B]
Authentium 5.1.0.4 2009.01.26 -
[B]Avast 4.8.1281.0 2009.01.27 HTML:Iframe-inf[/B]
AVG 8.0.0.229 2009.01.27 -
BitDefender 7.2 2009.01.27 -
CAT-QuickHeal 10.00 2009.01.27 -
ClamAV 0.94.1 2009.01.27 -
Comodo 948 2009.01.27 -
DrWeb 4.44.0.09170 2009.01.27 -
eSafe 7.0.17.0 2009.01.27 -
eTrust-Vet 31.6.6329 2009.01.27 -
F-Prot 4.4.4.56 2009.01.26 -
F-Secure 8.0.14470.0 2009.01.27 -
Fortinet 3.117.0.0 2009.01.27 -
[B]GData 19 2009.01.27 HTML:Iframe-inf[/B]
Ikarus T3.1.1.45.0 2009.01.27 -
K7AntiVirus 7.10.607 2009.01.27 -
Kaspersky 7.0.0.125 2009.01.27 -
McAfee 5507 2009.01.26 -
McAfee+Artemis 5507 2009.01.26 -
Microsoft 1.4205 2009.01.27 -
NOD32 3804 2009.01.27 -
Norman 5.93.01 2009.01.27 -
nProtect 2009.1.8.0 2009.01.27 -
Panda 9.5.1.2 2009.01.27 -
PCTools 4.4.2.0 2009.01.27 -
Prevx1 V2 2009.01.27 -
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.27 Heuristic.Script.Crypted[/B]
Sophos 4.37.0 2009.01.27 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.27 -
TheHacker 6.3.1.5.229 2009.01.26 -
[B]TrendMicro 8.700.0.1004 2009.01.27 Mal_Hifrm[/B]
VBA32 3.12.8.11 2009.01.27 -
ViRobot 2009.1.23.1577 2009.01.26 -
VirusBuster 4.5.11.0 2009.01.27 -[/QUOTE]
Дополнительная информация
File size: 688 bytes
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
-
Файл quxnlq.exe получен 2009.01.28 15:29:42 (CET)
Текущий статус: закончено
Результат: 6/39 (15.38%)
[QUOTE]
a-squared 4.0.0.93 2009.01.28 -
AhnLab-V3 5.0.0.2 2009.01.28 -
AntiVir 7.9.0.60 2009.01.28 -
Authentium 5.1.0.4 2009.01.27 -
Avast 4.8.1281.0 2009.01.27 -
AVG 8.0.0.229 2009.01.28 -
BitDefender 7.2 2009.01.28 -
CAT-QuickHeal 10.00 2009.01.28 -
ClamAV 0.94.1 2009.01.28 -
Comodo 951 2009.01.28 -
DrWeb 4.44.0.09170 2009.01.28 -
[B]eSafe 7.0.17.0 2009.01.28 Suspicious File[/B]
eTrust-Vet 31.6.6331 2009.01.28 -
F-Prot 4.4.4.56 2009.01.27 -
F-Secure 8.0.14470.0 2009.01.28 -
Fortinet 3.117.0.0 2009.01.28 -
GData 19 2009.01.28 -
Ikarus T3.1.1.45.0 2009.01.28 -
K7AntiVirus 7.10.607 2009.01.27 -
Kaspersky 7.0.0.125 2009.01.28 -
[B]McAfee 5508 2009.01.27 W32/Autorun.worm.zf.gen[/B]
[B]McAfee+Artemis 5508 2009.01.27 W32/Autorun.worm.zf.gen[/B]
Microsoft 1.4205 2009.01.28 -
[B]NOD32 3806 2009.01.28 Win32/Packed.Autoit.Gen[/B]
Norman 5.93.01 2009.01.27 -
nProtect 2009.1.8.0 2009.01.28 -
Panda 9.5.1.2 2009.01.28 -
PCTools 4.4.2.0 2009.01.28 -
Prevx1 V2 2009.01.28 -
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.28 -
[B]Sophos 4.37.0 2009.01.28 Sus/Behav-1011[/B]
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.28 -
TheHacker 6.3.1.5.229 2009.01.26 -
TrendMicro 8.700.0.1004 2009.01.28 -
[B]VBA32 3.12.8.11 2009.01.27 suspected of Autoit.Script.Trojan[/B]
ViRobot 2009.1.28.1579 2009.01.28 -
VirusBuster 4.5.11.0 2009.01.27 -
[/QUOTE]
Дополнительная информация
File size: 501424 bytes
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x95590
timedatestamp.....: 0x4850e379 (Thu Jun 12 08:51:05 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x5d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x5e000 0x38000 0x37800 7.93 d154032dbbbf17f077b9dac50ab63eb4
.rsrc 0x96000 0x6000 0x5c00 4.96 d31158dea4acce887d13d324b967072d
( 13 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: RegCloseKey
> COMCTL32.dll: ImageList_Create
> comdlg32.dll: GetSaveFileNameW
> GDI32.dll: LineTo
> MPR.dll: WNetUseConnectionW
> ole32.dll: CoInitialize
> OLEAUT32.dll: -
> SHELL32.dll: DragFinish
> USER32.dll: GetDC
> VERSION.dll: VerQueryValueW
> WINMM.dll: timeGetTime
> WSOCK32.dll: -
( 0 exports )
packers (F-Prot): UPX
packers (Kaspersky): PE_Patch.UPX, UPX
-
A fresh one
Файл love.vbs получен 2009.01.29 06:43:44 (CET)
Текущий статус: закончено
Результат: 7/39 (17.95%)
[QUOTE]
a-squared 4.0.0.93 2009.01.29 -
AhnLab-V3 5.0.0.2 2009.01.29 -
AntiVir 7.9.0.60 2009.01.28 -
[B]Authentium 5.1.0.4 2009.01.28 Heuristic-31[/B]
Avast 4.8.1281.0 2009.01.28 -
AVG 8.0.0.229 2009.01.28 -
BitDefender 7.2 2009.01.29 -
CAT-QuickHeal 10.00 2009.01.29 -
ClamAV 0.94.1 2009.01.29 -
Comodo 951 2009.01.28 -
DrWeb 4.44.0.09170 2009.01.29 -
eSafe 7.0.17.0 2009.01.28 -
eTrust-Vet 31.6.6333 2009.01.29 -
[B]F-Prot 4.4.4.56 2009.01.28 Heuristic-31[/B]
[B]F-Secure 8.0.14470.0 2009.01.29 VBS/GenMail.A[/B]
Fortinet 3.117.0.0 2009.01.29 -
GData 19 2009.01.29 -
Ikarus T3.1.1.45.0 2009.01.29 -
K7AntiVirus 7.10.608 2009.01.28 -
Kaspersky 7.0.0.125 2009.01.29 -
McAfee 5509 2009.01.28 -
McAfee+Artemis 5509 2009.01.28 -
[B]Microsoft 1.4205 2009.01.28 Worm:VBS/MassMail.gen
NOD32 3809 2009.01.29 probably unknown SCRIPT
Norman 6.00.02 2009.01.28 VBS/GenMail.A[/B]
nProtect 2009.1.8.0 2009.01.28 -
Panda 9.5.1.2 2009.01.28 -
PCTools 4.4.2.0 2009.01.28 -
Prevx1 V2 2009.01.29 -
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.28 VBScript.Vulnerable.gen!High (suspicious)[/B]
Sophos 4.38.0 2009.01.29 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.29 -
TheHacker 6.3.1.5.231 2009.01.29 -
TrendMicro 8.700.0.1004 2009.01.29 -
VBA32 3.12.8.11 2009.01.29 -
ViRobot 2009.1.29.1580 2009.01.29 -
VirusBuster 4.5.11.0 2009.01.28 -
[/QUOTE]
[I]Дополнительная информация
File size: 506 bytes
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
[/I]
-
File avz00001.dta received on 2009.01.29 07:43:43 (CET)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.0.0.93 2009.01.29 -
AhnLab-V3 5.0.0.2 2009.01.29 -
[B]AntiVir 7.9.0.60 2009.01.28 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2009.01.28 -
Avast 4.8.1281.0 2009.01.28 -
AVG 8.0.0.229 2009.01.28 -
BitDefender 7.2 2009.01.29 -
CAT-QuickHeal 10.00 2009.01.29 -
ClamAV 0.94.1 2009.01.29 -
Comodo 951 2009.01.28 -
[B]DrWeb 4.44.0.09170 2009.01.29 Trojan.PWS.Banker.origin[/B]
[B]eSafe 7.0.17.0 2009.01.28 Suspicious File[/B]
eTrust-Vet 31.6.6333 2009.01.29 -
F-Prot 4.4.4.56 2009.01.28 -
F-Secure 8.0.14470.0 2009.01.29 -
Fortinet 3.117.0.0 2009.01.29 -
GData 19 2009.01.29 -
Ikarus T3.1.1.45.0 2009.01.29 -
K7AntiVirus 7.10.608 2009.01.28 -
Kaspersky 7.0.0.125 2009.01.29 -
McAfee 5509 2009.01.28 -
McAfee+Artemis 5509 2009.01.28 -
Microsoft 1.4205 2009.01.28 -
NOD32 3809 2009.01.29 -
Norman 6.00.02 2009.01.28 -
nProtect 2009.1.8.0 2009.01.28 -
Panda 9.5.1.2 2009.01.28 -
PCTools 4.4.2.0 2009.01.28 -
[B]Prevx1 V2 2009.01.29 Fraudulent Security Program[/B]
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.28 Trojan.Dropper.Gen[/B]
Sophos 4.38.0 2009.01.29 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.29 -
TheHacker 6.3.1.5.231 2009.01.29 -
TrendMicro 8.700.0.1004 2009.01.29 -
VBA32 3.12.8.11 2009.01.29 -
ViRobot 2009.1.29.1580 2009.01.29 -
VirusBuster 4.5.11.0 2009.01.28 -
Additional information
File size: 317440 bytes
MD5...: 4a8453e3a123475ba81e8455be573880[/QUOTE]
-
From the thread [url]http://virusinfo.info/showthread.php?t=38468[/url]
File from the desktop. The detection is rather strange.
[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.93 2009.01.29 -
AhnLab-V3 5.0.0.2 2009.01.29 -
AntiVir 7.9.0.60 2009.01.29 -
Authentium 5.1.0.4 2009.01.28 -
Avast 4.8.1281.0 2009.01.28 -
AVG 8.0.0.229 2009.01.29 -
BitDefender 7.2 2009.01.29 -
[B]CAT-QuickHeal 10.00 2009.01.29 (Suspicious) - DNAScan [/B]
ClamAV 0.94.1 2009.01.29 -
Comodo 952 2009.01.29 -
DrWeb 4.44.0.09170 2009.01.29 -
[B]eSafe 7.0.17.0 2009.01.29 Win32.TrojanFakeAle [/B]
eTrust-Vet 31.6.6334 2009.01.29 -
F-Prot 4.4.4.56 2009.01.28 -
F-Secure 8.0.14470.0 2009.01.29 -
Fortinet 3.117.0.0 2009.01.29 -
GData 19 2009.01.29 -
Ikarus T3.1.1.45.0 2009.01.29 -
K7AntiVirus 7.10.609 2009.01.29 -
Kaspersky 7.0.0.125 2009.01.29 -
McAfee 5509 2009.01.28 -
McAfee+Artemis 5509 2009.01.28 -
Microsoft 1.4205 2009.01.29 -
[B]NOD32 3811 2009.01.29 a variant of Win32/Kryptik.GA [/B]
Norman 6.00.02 2009.01.29 -
nProtect 2009.1.8.0 2009.01.29 -
Panda 9.5.1.2 2009.01.29 -
PCTools 4.4.2.0 2009.01.29 -
Prevx1 V2 2009.01.29 -
[B]Rising 21.13.42.00 2009.01.23 Trojan.Clicker.Win32.Undef.gj
SecureWeb-Gateway 6.7.6 2009.01.29 Ad-Spyware.LooksLike.Dm
Sophos 4.38.0 2009.01.29 Troj/FakeAle-LE [/B]
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.29 -
TheHacker 6.3.1.5.232 2009.01.29 -
TrendMicro 8.700.0.1004 2009.01.29 -
VBA32 3.12.8.11 2009.01.29 -
ViRobot 2009.1.29.1580 2009.01.29 -
VirusBuster 4.5.11.0 2009.01.28 -
[/CODE]
-
[B]a-squared 4.0.0.93 2009.01.31 Downloader.Delphi!IK[/B]
AhnLab-V3 5.0.0.2 2009.01.31 -
[B]AntiVir 7.9.0.60 2009.01.30 DR/Delphi.Gen[/B]
Authentium 5.1.0.4 2009.01.31 -
Avast 4.8.1281.0 2009.01.30 -
[B]AVG 8.0.0.229 2009.01.30 Win32/Heur
BitDefender 7.2 2009.01.31 Gen:Trojan.Heur.Dropper.2[/B]
CAT-QuickHeal 10.00 2009.01.31 -
ClamAV 0.94.1 2009.01.31 -
Comodo 955 2009.01.31 -
DrWeb 4.44.0.09170 2009.01.31 -
eSafe 7.0.17.0 2009.01.29 -
eTrust-Vet 31.6.6335 2009.01.29 -
F-Prot 4.4.4.56 2009.01.31 -
F-Secure 8.0.14470.0 2009.01.31 -
Fortinet 3.117.0.0 2009.01.31 -
[B]GData 19 2009.01.31 Gen:Trojan.Heur.Dropper.2
Ikarus T3.1.1.45.0 2009.01.31 Downloader.Delphi[/B]
K7AntiVirus 7.10.612 2009.01.31 -
Kaspersky 7.0.0.125 2009.01.31 -
[B]McAfee 5512 2009.01.31 New Malware.bx[/B]
[B]McAfee+Artemis 5512 2009.01.31 New Malware.bx
Microsoft 1.4306 2009.01.31 TrojanDropper:Win32/Delf.CI[/B]
NOD32 3815 2009.01.31 -
Norman 6.00.02 2009.01.31 -
nProtect 2009.1.8.0 2009.01.30 -
Panda 9.5.1.2 2009.01.31 -
PCTools 4.4.2.0 2009.01.31 -
Prevx1 V2 2009.01.31 -
Rising 21.13.42.00 2009.01.23 -
[B]SecureWeb-Gateway 6.7.6 2009.01.30 Trojan.Dropper.Delphi.Gen
Sophos 4.38.0 2009.01.31 Sus/Dropper-R[/B]
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.31 -
TheHacker 6.3.1.5.241 2009.01.31 -
[B]TrendMicro 8.700.0.1004 2009.01.30 PAK_Generic.001
VBA32 3.12.8.12 2009.01.30 Backdoor.Win32.UltimateDefender.nf[/B]
ViRobot 2009.1.31.1583 2009.01.31 -
VirusBuster 4.5.11.0 2009.01.31 -
Additional information
File size: 144398 bytes
MD5...: 0a44662b643f0119508bdd68893c2971
SHA1..: d84f79a6028434adb7d2063f7756309229e9c4d2
SHA256: ca7a9b12b4d0b38a3598d23799257c8ab3fc4bac3fff8a7bf7d311481e22e678
SHA512: 971dc0af8e4c7e0299fe5c37455d37721e96f9b28eb16a147ffc2123003dfcbf
0a3a7ba66e3da7363e6adeba8a74d6ae312ece216bd47490c9c3786607f9e47c
ssdeep: 3072:GyfJ9kGj2OGxbodTxyZdW/YrSmnM0KKH0zv:GyfJSG95d1wGIMS+v
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2b000
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x4000 0x3b1b 6.53 f7f6bdc124092be88cde3b74f5cd6f79
DATA 0x5000 0x1000 0xbc 4.23 71120066cc96af28429e3d91dadd84d9
BSS 0x6000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x7000 0x1000 0x5d9 4.32 ed346d7d259470b93b4f6229afa802ff
.tls 0x8000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x9000 0x2000 0x13 2.46 231ec597a238bf6a2b7189bb5ece7901
.rsrc 0xb000 0x1e5ec 0x1e600 7.81 47d7e28603a24c21c27321ebe8241704
WCALab 0x2a000 0x1000 0x40 4.40 1fc047478ccb43109160076f79c2a7e0
.Sunzer 0x2b000 0x200 0x200 6.70 a95ad18642ed68535afde26bea1db5a8
( 7 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetTickCount, QueryPerformanceCounter, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle
> user32.dll: GetKeyboardType, MessageBoxA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString, SysReAllocStringLen
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> kernel32.dll: WriteFile, VirtualFree, VirtualAlloc, SizeofResource, SetFilePointer, SetEndOfFile, ReadFile, LockResource, LoadResource, GetTempPathA, FreeResource, FindResourceA, DeleteFileA, CreateFileA, CopyFileA, CloseHandle
> shell32.dll: ShellExecuteA
( 0 exports )
-
Downloader
File kexek__1_.exe received on 2009.02.03 05:18:10 (CET)
Current status: finished
Result: 9/39 (23.08%)
[QUOTE]
Antivirus Version Last Update Result
a-squared 4.0.0.93 2009.02.03 -
AhnLab-V3 5.0.0.2 2009.02.03 -
[B]AntiVir 7.9.0.71 2009.02.02 TR/Hijacker.Gen[/B]
Authentium 5.1.0.4 2009.02.02 -
Avast 4.8.1281.0 2009.02.03 -
AVG 8.0.0.229 2009.02.02 -
[B]BitDefender 7.2 2009.02.03 BehavesLike:Win32.ExplorerHijack[/B]
CAT-QuickHeal 10.00 2009.02.02 -
ClamAV 0.94.1 2009.02.03 -
Comodo 959 2009.02.02 -
DrWeb 4.44.0.09170 2009.02.03 -
eSafe 7.0.17.0 2009.02.01 -
eTrust-Vet 31.6.6338 2009.02.03 -
F-Prot 4.4.4.56 2009.02.02 -
[B]F-Secure 8.0.14470.0 2009.02.03 W32/Malware[/B]
Fortinet 3.117.0.0 2009.02.02 -
[B]GData 19 2009.02.03 BehavesLike:Win32.ExplorerHijack[/B]
Ikarus T3.1.1.45.0 2009.02.02 -
K7AntiVirus 7.10.615 2009.02.02 -
[B]Kaspersky 7.0.0.125 2009.02.03 Heur.Trojan.Generic[/B]
McAfee 5514 2009.02.02 -
McAfee+Artemis 5514 2009.02.02 -
Microsoft 1.4306 2009.02.03 -
NOD32 3820 2009.02.03 -
[B]Norman 6.00.02 2009.02.02 W32/Malware[/B]
[B]nProtect 2009.1.8.0 2009.02.03 BehavesLike:Win32.ExplorerHijack[/B]
Panda 9.5.1.2 2009.02.02 -
PCTools 4.4.2.0 2009.02.02 -
Prevx1 V2 2009.02.03 -
Rising 21.14.61.00 2009.02.01 -
[B]SecureWeb-Gateway 6.7.6 2009.02.03 Trojan.Hijacker.Gen[/B]
[B]Sophos 4.38.0 2009.02.03 Mal/Emogen-Y[/B]
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.02.03 -
TheHacker 6.3.1.5.245 2009.02.03 -
TrendMicro 8.700.0.1004 2009.02.03 -
VBA32 3.12.8.12 2009.02.01 -
ViRobot 2009.2.3.1586 2009.02.03 -
VirusBuster 4.5.11.0 2009.02.02 -
[/QUOTE]
Additional information
File size: 20480 bytes
MD5...: 1b3db5bcea84a7cdd0c7e8a7a4a38e1e
SHA1..: bb4d92f9e60c17ce092e7cbf053c7f5fabfc3aa5
SHA256: 182df22543c7b3c5daf181747b4070ecd787a31126333df8113ae92b99ded605
SHA512: 69543af1499e39eeb25d98033097f0444b3529d1bd7b8962fd4992479d150a77
bee71e88131e1a635abc256504a3ece639b0c06a06eab860d7429e5015de5236
ssdeep: 384:rEuUMAr6N08l/ij7m+1Ir9EIBJPVIl6f/iGVAL/gseoJkw4KizbgIyj:rE9M
VNhl/ija+1I557qcnf6/gs7Fu
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information
-
Attachments: 1
-
File opendoor.exe received on 2009.02.05 11:02:26 (CET)
Current status: finished
Result: 15/39 (38.47%)
[QUOTE]
Antivirus Version Last Update Result
a-squared 4.0.0.93 2009.02.05 -
AhnLab-V3 5.0.0.2 2009.02.05 -
[B]AntiVir 7.9.0.74 2009.02.05 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.0.4 2009.02.04 -
[B]Avast 4.8.1281.0 2009.02.04 Win32:IRCBot-AHP[/B]
[B]AVG 8.0.0.229 2009.02.04 Win32/CryptExe
BitDefender 7.2 2009.02.05 DeepScan:Generic.Malware.SFP!]g.70407C30[/B]
[B]CAT-QuickHeal 10.00 2009.02.05 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.02.05 -
Comodo 964 2009.02.04 -
DrWeb 4.44.0.09170 2009.02.05 -
eSafe 7.0.17.0 2009.02.04 -
eTrust-Vet 31.6.6343 2009.02.05 -
F-Prot 4.4.4.56 2009.02.04 -
F-Secure 8.0.14470.0 2009.02.05 -
Fortinet 3.117.0.0 2009.02.05 -
[B]GData 19 2009.02.05 DeepScan:Generic.Malware.SFP!g.70407C30[/B]
Ikarus T3.1.1.45.0 2009.02.05 -
K7AntiVirus 7.10.618 2009.02.04 -
[B]Kaspersky 7.0.0.125 2009.02.05 Heur.Invader
McAfee 5516 2009.02.04 New Malware
McAfee+Artemis 5516 2009.02.04 New Malware[/B]
Microsoft 1.4306 2009.02.05 -
NOD32 3828 2009.02.05 -
Norman 6.00.02 2009.02.04 -
nProtect 2009.1.8.0 2009.02.05 -
Panda 9.5.1.2 2009.02.04 -
[B]PCTools 4.4.2.0 2009.02.05 Packed/Execryptor[/B]
Prevx1 V2 2009.02.05 -
Rising 21.15.20.00 2009.02.04 -
[B]SecureWeb-Gateway 6.7.6 2009.02.05 Trojan.Crypt.XPACK.Gen[/B]
Sophos 4.38.0 2009.02.05 -
[B]Sunbelt 3.2.1835.2 2009.01.16 Trojan.Win32.Packed.gen (v)
Symantec 10 2009.02.04 Backdoor.IRC.Bot[/B]
TheHacker 6.3.1.5.247 2009.02.05 -
TrendMicro 8.700.0.1004 2009.02.05 -
[B]VBA32 3.12.8.12 2009.02.04 suspected of Embedded.Rootkit.Win32.Agent.adg[/B]
ViRobot 2009.2.5.1591 2009.02.05 -
[B]VirusBuster 4.5.11.0 2009.02.04 Packed/Execryptor[/B]
[/QUOTE]
Additional information
File size: 264809 bytes
MD5...: aa477b7ead71870d05f24ff402236181
SHA1..: 775434f81642842f028cf6302ce4f0e821bdb868
SHA256: 3ff5e0f892747b66eede74bb32e53e37cdb88a47e3dafacf1e4a7237a9439674
SHA512: 360d1c28ec7e2fa9c0ab202549e34fb0e8c7d465f555520a6438412ebfd5b7c3
e602d35a70b2096f7f54333f7edfeabd4f39c41b9a431e9838546244506c5b71
ssdeep: 6144:qAWvJasnJtNTR3Rp5RbCoC3igwmfDeZJz8kOXVN2mHNmd:qXMevJpXCoDkf
DeZOtemtC
PEiD..: EXECryptor 2.2.4 -> Strongbit/SoftComplete Development (h1)