Исследование антивирусов 6

Printable View

Показывать 40 сообщений этой темы на одной странице

13.12.2007, 09:22
santy

File ntos.exe received on 12.13.2007 07:05:07 (CET)
Result: 8/32 (25%)
Antivirus Version Last Update Result
AhnLab-V3 - - -
[b]AntiVir - - TR/Crypt.XPACK.Gen[/b]
Authentium - - -
Avast - - -
[b]AVG - - Pakes_c.GD[/b]
[b]BitDefender - - Trojan.Spy.Agent.NLL[/b]
CAT-QuickHeal - - -
ClamAV - - -
[b]DrWeb - - Trojan.Proxy.2071[/b]
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
[b]Panda - - Trj/Wsnpoem.NI[/b]
Prevx1 - - -
Rising - - -
Sophos - - -
[b]Sunbelt - - VIPRE.Suspicious[/b]
Symantec - - -
TheHacker - - -
VBA32 - - -
[b]VirusBuster - - TrojanSpy.ZBot.Gen!Pac.3[/b]
[b]Webwasher-Gateway - - Trojan.Crypt.XPACK.Gen[/b]
Additional information
MD5: e46d907a7bc952e60910dec6c906d443
13.12.2007, 11:07
Shu_b

другой ntos.exe

[CODE]received on [B]12.11.2007 13:19:22[/B] (CET)
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
[B]Symantec - - Infostealer.Notos!gen[/B]
TheHacker - - -
VBA32 - - -
VirusBuster - - -
[B]Webwasher-Gateway - - Virus.Win32.FileInfector.gen [/B](suspicious)
Additional information
MD5: ec43197aed08fa5ade6f3853341a96fe[/CODE]
прошло два дня...[CODE]received on [B]12.13.2007 08:54:08[/B] (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.13.10 2007.12.12 -
[B]AntiVir 7.6.0.40 2007.12.13 TR/Rkit.WsnPoem[/B]
Authentium 4.93.8 2007.12.13 -
Avast 4.7.1098.0 2007.12.12 -
[B]AVG 7.5.0.503 2007.12.12 Pakes_c.FU[/B]
BitDefender 7.2 2007.12.13 -
[B]CAT-QuickHeal 9.00 2007.12.12 TrojanSpy.Zbot.ej[/B]
ClamAV 0.91.2 2007.12.12 -
DrWeb 4.44.0.09170 2007.12.12 -
eSafe 7.0.15.0 2007.12.12 -
eTrust-Vet 31.3.5373 2007.12.13 -
Ewido 4.0 2007.12.12 -
FileAdvisor 1 2007.12.13 -
[B]Fortinet 3.14.0.0 2007.12.13 Spy/Zbot[/B]
F-Prot 4.4.2.54 2007.12.12 -
[B]F-Secure 6.70.13030.0 2007.12.13 Trojan-Spy.Win32.Zbot.ej
Ikarus T3.1.1.12 2007.12.13 Trojan-Spy.Win32.Zbot.ej
Kaspersky 7.0.0.125 2007.12.13 Trojan-Spy.Win32.Zbot.ej[/B]
McAfee 5184 2007.12.12 -
Microsoft 1.3007 2007.12.13 -
NOD32v2 2720 2007.12.12 -
Norman 5.80.02 2007.12.12 -
[B]Panda 9.0.0.4 2007.12.12 Trj/Wsnpoem.NI[/B]
Prevx1 V2 2007.12.13 -
Rising 20.22.30.00 2007.12.13 -
Sophos 4.24.0 2007.12.13 -
Sunbelt 2.2.907.0 2007.12.13 -
[B]Symantec 10 2007.12.13 Infostealer.Notos!gen
TheHacker 6.2.9.157 2007.12.12 Trojan/Spy.Zbot.ej[/B]
VBA32 3.12.2.5 2007.12.10 -
VirusBuster 4.3.26:9 2007.12.12 -
[B]Webwasher-Gateway 6.6.2 2007.12.13 Trojan.Rkit.WsnPoem[/B]
Additional information
File size: 436224 bytes
MD5: ec43197aed08fa5ade6f3853341a96fe[/CODE]
14.12.2007, 13:53
Shu_b

эвона как бывает....

[CODE]File avz00004.dta received on [B]12.12.2007 15:43:24 [/B](CET)
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
[B]DrWeb - - Trojan.PWS.Mailspy.origin[/B]
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: dbdc82a265e16e784d0a4e97ce515e01[/CODE]
прошло два дня...[CODE]File avz00004.dta received on [B]12.14.2007 07:27:01[/B] (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.14.10 2007.12.13 -
AntiVir 7.6.0.45 2007.12.13 -
Authentium 4.93.8 2007.12.13 -
Avast 4.7.1098.0 2007.12.13 -
AVG 7.5.0.503 2007.12.13 -
BitDefender 7.2 2007.12.14 -
CAT-QuickHeal 9.00 2007.12.13 -
ClamAV 0.91.2 2007.12.13 -
[B]DrWeb 4.44.0.09170 2007.12.13 Trojan.PWS.Mailspy.origin[/B]
eSafe 7.0.15.0 2007.12.13 -
eTrust-Vet 31.3.5374 2007.12.13 -
Ewido 4.0 2007.12.13 -
FileAdvisor 1 2007.12.14 -
Fortinet 3.14.0.0 2007.12.14 -
F-Prot 4.4.2.54 2007.12.13 -
F-Secure 6.70.13030.0 2007.12.14 -
Ikarus T3.1.1.15 2007.12.14 -
[B]Kaspersky 7.0.0.125 2007.12.14 Trojan-Proxy.Win32.Agent.ul[/B]
McAfee 5185 2007.12.13 -
Microsoft 1.3109 2007.12.14 -
NOD32v2 2722 2007.12.14 -
Norman 5.80.02 2007.12.13 -
Panda 9.0.0.4 2007.12.14 -
Prevx1 V2 2007.12.14 -
Rising 20.22.40.00 2007.12.14 -
Sophos 4.24.0 2007.12.14 -
Sunbelt 2.2.907.0 2007.12.14 -
Symantec 10 2007.12.14 -
TheHacker 6.2.9.159 2007.12.14 -
VBA32 3.12.2.5 2007.12.14 -
VirusBuster 4.3.26:9 2007.12.13 -
Webwasher-Gateway 6.6.2 2007.12.14 -
Additional information
File size: 241664 bytes
MD5: dbdc82a265e16e784d0a4e97ce515e01
SHA1: 9c990d0b3d3078fa4b40f8783ef431bad3429e54
PEiD: -[/CODE]

[size="1"][color="#666686"][B][I]Добавлено через 4 часа 21 минуту[/I][/B][/color][/size]

t-15259
Вроде пара, а детектируются совсем не одинаково...
[CODE]File vp7vmcia.exe received on 12.14.2007 11:43:10 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.14.11 2007.12.14 -
AntiVir 7.6.0.45 2007.12.14 -
Authentium 4.93.8 2007.12.13 -
[B]Avast 4.7.1098.0 2007.12.13 Win32:Warezov-CLK
AVG 7.5.0.503 2007.12.13 I-Worm/Stration
BitDefender 7.2 2007.12.14 Win32.Warezov.ADV@mm
CAT-QuickHeal 9.00 2007.12.13 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.12.14 -
[B]DrWeb 4.44.0.09170 2007.12.14 Win32.HLLM.Limar
eSafe 7.0.15.0 2007.12.13 Suspicious File[/B]
eTrust-Vet 31.3.5375 2007.12.14 -
Ewido 4.0 2007.12.13 -
FileAdvisor 1 2007.12.14 -
Fortinet 3.14.0.0 2007.12.14 -
[B]F-Prot 4.4.2.54 2007.12.13 W32/Heuristic-162!Eldorado
F-Secure 6.70.13030.0 2007.12.14 W32/Viking.EQ
Ikarus T3.1.1.15 2007.12.14 Backdoor.Win32.Rbot.AJU
Kaspersky 7.0.0.125 2007.12.14 Email-Worm.Win32.Warezov.gen
McAfee 5185 2007.12.13 New Malware.n[/B]
Microsoft 1.3109 2007.12.14 -
[B]NOD32v2 2722 2007.12.14 a variant of Win32/Stration.ABD
Norman 5.80.02 2007.12.13 W32/Suspicious_U.gen
Panda 9.0.0.4 2007.12.14 W32/Spamta.ADQ.worm[/B]
Prevx1 V2 2007.12.14 -
[B]Rising 20.22.41.00 2007.12.14 Worm.Mail.Warezov.cj
Sophos 4.24.0 2007.12.14 Mal/EncPk-BW
Sunbelt 2.2.907.0 2007.12.14 VIPRE.Suspicious[/B]
Symantec 10 2007.12.14 -
[B]TheHacker 6.2.9.159 2007.12.14 W32/Behav-Heuristic-060[/B]
VBA32 3.12.2.5 2007.12.14 -
[B]VirusBuster 4.3.26:9 2007.12.13 Packed/Upack
Webwasher-Gateway 6.6.2 2007.12.14 Packer.UPACK[/B]
Additional information
File size: 93769 bytes
MD5: 34eff679d5d09d0e466dfb86d62f486f
SHA1: f1a3ebd40ae65a534ce9186b3490acedbe77fb18
PEiD: -
packers: PE_Patch, UPack[/CODE][CODE]File vp7vmcia.dll received on 12.14.2007 11:43:21 (CET)
Antivirus Version Last Update Result
[B]AhnLab-V3 2007.12.14.11 2007.12.14 Win32/Stration.worm.Gen[/B]
AntiVir 7.6.0.45 2007.12.14 -
[B]Authentium 4.93.8 2007.12.13 W32/Warezov.gen4
Avast 4.7.1098.0 2007.12.13 Win32:Warezov-CRX
AVG 7.5.0.503 2007.12.13 I-Worm/Stration
BitDefender 7.2 2007.12.14 Generic.Stration.BF196041[/B]
CAT-QuickHeal 9.00 2007.12.13 -
ClamAV 0.91.2 2007.12.14 -
[B]DrWeb 4.44.0.09170 2007.12.14 Win32.HLLM.Limar
eSafe 7.0.15.0 2007.12.13 Suspicious File[/B]
eTrust-Vet 31.3.5375 2007.12.14 -
Ewido 4.0 2007.12.13 -
FileAdvisor 1 2007.12.14 -
Fortinet 3.14.0.0 2007.12.14 -
[B]F-Prot 4.4.2.54 2007.12.13 W32/Warezov.gen4[/B]
F-Secure 6.70.13030.0 2007.12.14 -
Ikarus T3.1.1.15 2007.12.14 -
Kaspersky 7.0.0.125 2007.12.14 -
McAfee 5185 2007.12.13 -
[B]Microsoft 1.3109 2007.12.14 Trojan:Win32/Stration.F!dll[/B]
NOD32v2 2722 2007.12.14 -
Norman 5.80.02 2007.12.13 -
Panda 9.0.0.4 2007.12.14 -
Prevx1 V2 2007.12.14 -
Rising 20.22.41.00 2007.12.14 -
[B]Sophos 4.24.0 2007.12.14 W32/Strati-Gen[/B]
Sunbelt 2.2.907.0 2007.12.14 -
Symantec 10 2007.12.14 -
TheHacker 6.2.9.159 2007.12.14 -
VBA32 3.12.2.5 2007.12.14 -
VirusBuster 4.3.26:9 2007.12.13 -
Webwasher-Gateway 6.6.2 2007.12.14 -
Additional information
File size: 118784 bytes
MD5: c46a64349de797bd24a689ee0b774af6
SHA1: e2683a98a513aabc92bf5a4a294d4be40586109a
PEiD: -[/CODE]

t-15272[CODE]File avz00004__1_._ta received on 12.14.2007 14:28:19 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.14.11 2007.12.14 -
AntiVir 7.6.0.45 2007.12.14 -
Authentium 4.93.8 2007.12.13 -
Avast 4.7.1098.0 2007.12.13 -
AVG 7.5.0.503 2007.12.14 -
BitDefender 7.2 2007.12.14 -
CAT-QuickHeal 9.00 2007.12.13 -
ClamAV 0.91.2 2007.12.14 -
[B]DrWeb 4.44.0.09170 2007.12.14 Trojan.BhoSpy.origin
eSafe 7.0.15.0 2007.12.13 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5375 2007.12.14 -
Ewido 4.0 2007.12.14 -
FileAdvisor 1 2007.12.14 -
Fortinet 3.14.0.0 2007.12.14 -
F-Prot 4.4.2.54 2007.12.13 -
F-Secure 6.70.13030.0 2007.12.14 -
[B]Ikarus T3.1.1.15 2007.12.14 Trojan.Win32.BHO.d[/B]
Kaspersky 7.0.0.125 2007.12.14 -
McAfee 5185 2007.12.13 -
[B]Microsoft 1.3109 2007.12.14 Trojan:Win32/Adclicker.AO[/B]
NOD32v2 2723 2007.12.14 -
Norman 5.80.02 2007.12.13 -
Panda 9.0.0.4 2007.12.14 -
Prevx1 V2 2007.12.14 -
Rising 20.22.41.00 2007.12.14 -
Sophos 4.24.0 2007.12.14 -
Sunbelt 2.2.907.0 2007.12.14 -
[B]Symantec 10 2007.12.14 Trojan.Adclicker[/B]
TheHacker 6.2.9.159 2007.12.14 -
VBA32 3.12.2.5 2007.12.14 -
VirusBuster 4.3.26:9 2007.12.13 -
Webwasher-Gateway 6.0.1 2007.12.14 -
Additional information
File size: 25600 bytes
MD5: bc4efbf73eafc728fe58fc2636c5b87a
SHA1: bd9e8c3a1ef447aa38d16746c3b47f95c14de725
PEiD: -
packers: UPX[/CODE][CODE]File avz00005__1_._ta received on 12.14.2007 14:30:27 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.14.11 2007.12.14 -
AntiVir 7.6.0.45 2007.12.14 -
Authentium 4.93.8 2007.12.13 -
[B]Avast 4.7.1098.0 2007.12.13 Win32:Trojan-gen {Other}[/B]
AVG 7.5.0.503 2007.12.14 -
[B]BitDefender 7.2 2007.12.14 Trojan.Agent.AFJP[/B]
CAT-QuickHeal 9.00 2007.12.13 -
ClamAV 0.91.2 2007.12.14 -
[B]DrWeb 4.44.0.09170 2007.12.14 Trojan.Inject.363[/B]
eSafe 7.0.15.0 2007.12.13 -
eTrust-Vet 31.3.5375 2007.12.14 -
Ewido 4.0 2007.12.14 -
[B]FileAdvisor 1 2007.12.14 High threat detected[/B]
Fortinet 3.14.0.0 2007.12.14 -
F-Prot 4.4.2.54 2007.12.13 -
F-Secure 6.70.13030.0 2007.12.14 -
[B]Ikarus T3.1.1.15 2007.12.14 Virus.Win32.Trojan[/B]
Kaspersky 7.0.0.125 2007.12.14 -
McAfee 5185 2007.12.13 -
Microsoft 1.3109 2007.12.14 -
NOD32v2 2723 2007.12.14 -
Norman 5.80.02 2007.12.13 -
[B]Panda 9.0.0.4 2007.12.14 Trj/Inject.O[/B]
Prevx1 V2 2007.12.14 -
[B]Rising 20.22.41.00 2007.12.14 Trojan.Win32.Inject.dg[/B]
Sophos 4.24.0 2007.12.14 -
Sunbelt 2.2.907.0 2007.12.14 -
[B]Symantec 10 2007.12.14 Trojan.Farfli[/B]
TheHacker 6.2.9.159 2007.12.14 -
VBA32 3.12.2.5 2007.12.14 -
VirusBuster 4.3.26:9 2007.12.13 -
Webwasher-Gateway 6.0.1 2007.12.14 -
Additional information
File size: 3072 bytes
MD5: 8651fab023f6fbd1b02428ce2889e9e4[/CODE]
16.12.2007, 18:18
rubin

Файл avz00001.dta получен 2007.12.16 16:11:03 (CET)
[code]AhnLab-V3 2007.12.15.10 2007.12.14 -
AntiVir 7.6.0.45 2007.12.16 TR/Dldr.Delf.djm
Authentium 4.93.8 2007.12.16 -
Avast 4.7.1098.0 2007.12.16 -
AVG 7.5.0.503 2007.12.16 Downloader.Generic6.ZTJ
BitDefender 7.2 2007.12.16 -
CAT-QuickHeal 9.00 2007.12.15 -
ClamAV 0.91.2 2007.12.16 -
DrWeb 4.44.0.09170 2007.12.16 -
eSafe 7.0.15.0 2007.12.13 -
eTrust-Vet 31.3.5377 2007.12.15 -
Ewido 4.0 2007.12.16 -
FileAdvisor 1 2007.12.16 -
Fortinet 3.14.0.0 2007.12.16 -
F-Prot 4.4.2.54 2007.12.16 W32/Backdoor2.ATN
F-Secure 6.70.13030.0 2007.12.16 Trojan-Downloader.Win32.Delf.djm
Ikarus T3.1.1.15 2007.12.16 Trojan-Downloader.Win32.Delf.djm
Kaspersky 7.0.0.125 2007.12.16 Trojan-Downloader.Win32.Delf.djm
McAfee 5186 2007.12.14 -
Microsoft 1.3109 2007.12.16 Trojan:Win32/Delflob.D
NOD32v2 2723 2007.12.14 Win32/Adware.IeDefender
Norman 5.80.02 2007.12.13 -
Panda 9.0.0.4 2007.12.16 Adware/VideoDecoder
Prevx1 V2 2007.12.16 -
Rising 20.22.41.00 2007.12.14 -
Sophos 4.24.0 2007.12.15 Mal/Emogen-N
Sunbelt 2.2.907.0 2007.12.15 -
Symantec 10 2007.12.15 -
TheHacker 6.2.9.160 2007.12.14 -
VBA32 3.12.2.5 2007.12.15 -
VirusBuster 4.3.26:9 2007.12.16 -
Webwasher-Gateway 6.6.2 2007.12.16 -

Дополнительная информация
File size: 222208 bytes
MD5: c7c05b733e1db6c2ee9d847b7296a0ab
SHA1: 368759f675f0066375e4fd0b45309ddde8afabc4
PEiD: ASPack v2.12 -> Alexey Solodovnikov
packers: ASPack[/code]
17.12.2007, 10:43
Shu_b

t-15367[CODE]File svchost.exe received on 12.17.2007 06:13:11 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.17.10 2007.12.17 -
[B]AntiVir 7.6.0.45 2007.12.16 TR/Rootkit.Gen[/B]
Authentium 4.93.8 2007.12.16 -
Avast 4.7.1098.0 2007.12.16 -
AVG 7.5.0.503 2007.12.16 -
BitDefender 7.2 2007.12.17 -
CAT-QuickHeal 9.00 2007.12.15 -
ClamAV 0.91.2 2007.12.17 -
[B]DrWeb 4.44.0.09170 2007.12.16 BackDoor.PifPaf.origin[/B]
eSafe 7.0.15.0 2007.12.16 -
[B]eTrust-Vet 31.3.5377 2007.12.15 Win32/Unknown[/B]
Ewido 4.0 2007.12.16 -
FileAdvisor 1 2007.12.17 -
Fortinet 3.14.0.0 2007.12.17 -
F-Prot 4.4.2.54 2007.12.17 -
[B]F-Secure 6.70.13030.0 2007.12.17 Backdoor.Win32.IRCBot.avf[/B]
Ikarus T3.1.1.15 2007.12.17 -
[B]Kaspersky 7.0.0.125 2007.12.17 Backdoor.Win32.IRCBot.avf[/B]
McAfee 5186 2007.12.14 -
Microsoft 1.3109 2007.12.17 -
NOD32v2 2723 2007.12.14 -
Norman 5.80.02 2007.12.13 -
[B]Panda 9.0.0.4 2007.12.16 Suspicious file
Prevx1 V2 2007.12.17 Heuristic: Suspicious Self Modifying File
Rising 20.22.41.00 2007.12.14 Backdoor.Win32.IRCbot.anh
Sophos 4.24.0 2007.12.16 Mal/Behav-059[/B]
Sunbelt 2.2.907.0 2007.12.15 -
Symantec 10 2007.12.15 -
TheHacker 6.2.9.160 2007.12.14 -
VBA32 3.12.2.5 2007.12.15 -
VirusBuster 4.3.26:9 2007.12.16 -
[B]Webwasher-Gateway 6.6.2 2007.12.17 Trojan.Rootkit.Gen[/B]
Additional information
File size: 66560 bytes
MD5: 83ebab351e7a88e7b84863afc2b2e9fa[/CODE]

t-15357 кто знает руткита?[CODE]File vncbwxjt.dat received on 12.17.2007 08:21:30 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.17.10 2007.12.17 -
[B]AntiVir 7.6.0.45 2007.12.17 TR/Rootkit.Gen[/B]
Authentium 4.93.8 2007.12.16 -
Avast 4.7.1098.0 2007.12.16 -
AVG 7.5.0.503 2007.12.16 -
[B]BitDefender 7.2 2007.12.17 Trojan.Rootkit.Agent.NDW
CAT-QuickHeal 9.00 2007.12.15 Rootkit.Agent.ql[/B]
ClamAV 0.91.2 2007.12.17 -
[B]DrWeb 4.44.0.09170 2007.12.16 Trojan.NtRootKit.511[/B]
eSafe 7.0.15.0 2007.12.16 -
[B]eTrust-Vet 31.3.5377 2007.12.15 Win32/Kvol.Q[/B]
Ewido 4.0 2007.12.16 -
FileAdvisor 1 2007.12.17 -
Fortinet 3.14.0.0 2007.12.17 -
[B]F-Prot 4.4.2.54 2007.12.17 W32/Rootkit.AHL
F-Secure 6.70.13030.0 2007.12.17 Rootkit.Win32.Agent.ql
Ikarus T3.1.1.15 2007.12.17 Rootkit.Win32.Agent.ql
Kaspersky 7.0.0.125 2007.12.17 Rootkit.Win32.Agent.ql[/B]
McAfee 5186 2007.12.14 -
Microsoft 1.3109 2007.12.17 -
NOD32v2 2726 2007.12.17 -
Norman 5.80.02 2007.12.14 -
Panda 9.0.0.4 2007.12.16 -
[B]Prevx1 V2 2007.12.17 Win32.Rootkit.Gen[/B]
Rising 20.23.00.00 2007.12.17 -
Sophos 4.24.0 2007.12.16 -
Sunbelt 2.2.907.0 2007.12.15 -
Symantec 10 2007.12.17 -
TheHacker 6.2.9.160 2007.12.14 -
VBA32 3.12.2.5 2007.12.15 -
[B]VirusBuster 4.3.26:9 2007.12.16 Rootkit.Agent.XBM
Webwasher-Gateway 6.6.2 2007.12.17 Trojan.Rootkit.Gen[/B]
Additional information
File size: 19456 bytes
MD5: b0e801a834bd344fcb4c5f53fdf495a8
SHA1: ad7e31f0060490886ed0f2947080611c670c6764[/CODE]

[size="1"][color="#666686"][B][I]Добавлено через 2 часа 11 минут[/I][/B][/color][/size]

t-15251 Эвристик VBA радует, жаль что нечасто... [CODE]File avz00001.dta received on 12.17.2007 08:34:05 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.17.10 2007.12.17 -
AntiVir 7.6.0.45 2007.12.17 -
Authentium 4.93.8 2007.12.16 -
Avast 4.7.1098.0 2007.12.16 -
AVG 7.5.0.503 2007.12.16 -
BitDefender 7.2 2007.12.17 -
CAT-QuickHeal 9.00 2007.12.15 -
ClamAV 0.91.2 2007.12.17 -
DrWeb 4.44.0.09170 2007.12.16 -
eSafe 7.0.15.0 2007.12.16 -
eTrust-Vet 31.3.5377 2007.12.15 -
Ewido 4.0 2007.12.16 -
FileAdvisor 1 2007.12.17 -
Fortinet 3.14.0.0 2007.12.17 -
F-Prot 4.4.2.54 2007.12.17 -
[B]F-Secure 6.70.13030.0 2007.12.17 Trojan.Win32.Agent.dkf[/B]
Ikarus T3.1.1.15 2007.12.17 -
[B]Kaspersky 7.0.0.125 2007.12.17 Trojan.Win32.Agent.dkf[/B]
McAfee 5186 2007.12.14 -
Microsoft 1.3109 2007.12.17 -
NOD32v2 2726 2007.12.17 -
Norman 5.80.02 2007.12.14 -
Panda 9.0.0.4 2007.12.16 -
Prevx1 V2 2007.12.17 -
Rising 20.23.00.00 2007.12.17 -
Sophos 4.24.0 2007.12.16 -
Sunbelt 2.2.907.0 2007.12.15 -
Symantec 10 2007.12.17 -
TheHacker 6.2.9.160 2007.12.14 -
[B]VBA32 3.12.2.5 2007.12.15 suspected of Trojan-Downloader.PassAlert.2[/B]
VirusBuster 4.3.26:9 2007.12.16 -
Webwasher-Gateway 6.6.2 2007.12.17 -
Additional information
File size: 17920 bytes
MD5: 521a3ba1db0ee2caa04b85ea0ab27390[/CODE]

т-15300 [CODE]File avz00010.dta received on 12.17.2007 09:10:51 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.14.11 2007.12.14 -
[B]AntiVir 7.6.0.45 2007.12.17 TR/Dldr.Small.hdo.1[/B]
Authentium 4.93.8 2007.12.13 -
Avast 4.7.1098.0 2007.12.13 -
AVG 7.5.0.503 2007.12.13 -
BitDefender 7.2 2007.12.17 -
CAT-QuickHeal 9.00 2007.12.13 -
ClamAV 0.91.2 2007.12.14 -
DrWeb 4.44.0.09170 2007.12.14 -
eSafe 7.0.15.0 2007.12.13 -
[B]eTrust-Vet 31.3.5382 2007.12.17 Win32/Chepvil!generic[/B]
Ewido 4.0 2007.12.14 -
FileAdvisor 1 2007.12.17 -
Fortinet 3.14.0.0 2007.12.14 -
F-Prot 4.4.2.54 2007.12.13 -
[B]F-Secure 6.70.13030.0 2007.12.17 Trojan-Downloader.Win32.Small.hdo[/B]
Ikarus T3.1.1.15 2007.12.14 -
[B]Kaspersky 7.0.0.125 2007.12.17 Trojan-Downloader.Win32.Small.hdo[/B]
McAfee 5185 2007.12.13 -
Microsoft 1.3109 2007.12.14 -
NOD32v2 2726 2007.12.17 -
[B]Norman 5.80.02 2007.12.14 W32/Malware[/B]
Panda 9.0.0.4 2007.12.14 -
Prevx1 V2 2007.12.17 -
Rising 20.22.41.00 2007.12.14 -
Sophos 4.24.0 2007.12.17 -
Sunbelt 2.2.907.0 2007.12.14 -
Symantec 10 2007.12.17 -
TheHacker 6.2.9.159 2007.12.14 -
VBA32 3.12.2.5 2007.12.14 -
VirusBuster 4.3.26:9 2007.12.13 -
[B]Webwasher-Gateway 6.0.1 2007.12.17 Trojan.Dldr.Small.hdo.1[/B]
Additional information
File size: 8704 bytes
MD5: 6546cdedb878e65ff6274327d92309cd[/CODE]
18.12.2007, 15:08
rubin

Файл avz00001.dta получен 2007.12.18 12:43:29 (CET)
[code]AhnLab-V3 2007.12.18.11 2007.12.18 Win-Trojan/Agent.677888
AntiVir 7.6.0.45 2007.12.18 -
Authentium 4.93.8 2007.12.18 -
Avast 4.7.1098.0 2007.12.17 -
AVG 7.5.0.503 2007.12.17 -
BitDefender 7.2 2007.12.18 BehavesLike:Trojan.ShellStartup
CAT-QuickHeal 9.00 2007.12.17 -
ClamAV 0.91.2 2007.12.18 -
DrWeb 4.44.0.09170 2007.12.18 -
eSafe 7.0.15.0 2007.12.17 -
eTrust-Vet 31.3.5385 2007.12.18 -
Ewido 4.0 2007.12.18 -
FileAdvisor 1 2007.12.18 -
Fortinet 3.14.0.0 2007.12.18 -
F-Prot 4.4.2.54 2007.12.18 -
F-Secure 6.70.13030.0 2007.12.18 -
Ikarus T3.1.1.15 2007.12.18 BehavesLikeTrojan.ShellStartup
Kaspersky 7.0.0.125 2007.12.18 Trojan-Clicker.Win32.Agent.op
McAfee 5187 2007.12.17 -
Microsoft 1.3109 2007.12.18 -
NOD32v2 2729 2007.12.18 -
Norman 5.80.02 2007.12.17 -
Panda 9.0.0.4 2007.12.18 -
Prevx1 V2 2007.12.18 -
Rising 20.23.12.00 2007.12.18 -
Sophos 4.24.0 2007.12.18 -
Sunbelt 2.2.907.0 2007.12.18 -
Symantec 10 2007.12.18 -
TheHacker 6.2.9.162 2007.12.17 -
VBA32 3.12.2.5 2007.12.17 suspected of Embedded.Trojan.Win32.ViniX
VirusBuster 4.3.26:9 2007.12.17 -
Webwasher-Gateway 6.0.1 2007.12.18 -[/code]

Дополнительная информация
File size: 687616 bytes
MD5: 03c1bbbc57e9b85b448e36541cb9f46d
SHA1: 9d8206da74f1bde05946c7ee0a8c165df9b31eae
PEiD: Armadillo v1.71
18.12.2007, 18:06
Макcим

Файл avz00001.dta получен 2007.12.18 15:53:45 (CET)
[QUOTE]AhnLab-V3 2007.12.18.11 2007.12.18 -
AntiVir 7.6.0.45 2007.12.18 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2007.12.18 -
Avast 4.7.1098.0 2007.12.17 Win32:Kbot-D
AVG 7.5.0.503 2007.12.17 SHeur.SHY
BitDefender 7.2 2007.12.18 Trojan.AVKiller.AW
CAT-QuickHeal 9.00 2007.12.17 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.12.18 -
DrWeb 4.44.0.09170 2007.12.18 Trojan.MulDrop.8347
eSafe 7.0.15.0 2007.12.17 Suspicious File
eTrust-Vet 31.3.5385 2007.12.18 -
Ewido 4.0 2007.12.18 -
FileAdvisor 1 2007.12.18 High threat detected
Fortinet 3.14.0.0 2007.12.18 -
F-Prot 4.4.2.54 2007.12.18 -
F-Secure 6.70.13030.0 2007.12.18 -
Ikarus T3.1.1.15 2007.12.18 Backdoor.Win32.Kbot.aq
Kaspersky 7.0.0.125 2007.12.18 -
McAfee 5187 2007.12.17 Tcad-Crypted
Microsoft 1.3109 2007.12.18 TrojanDownloader:Win32/Small.gen!AAM
NOD32v2 2730 2007.12.18 -
Norman 5.80.02 2007.12.17 -
Panda 9.0.0.4 2007.12.18 Suspicious file
Prevx1 V2 2007.12.18 -
Rising 20.23.12.00 2007.12.18 Trojan.Win32.Agent.yfx
Sophos 4.24.0 2007.12.18 Mal/Basine-C
Sunbelt 2.2.907.0 2007.12.18 -
Symantec 10 2007.12.18 Backdoor.Trojan
TheHacker 6.2.9.162 2007.12.17 -
VBA32 3.12.2.5 2007.12.17 Trojan.MulDrop.8347
VirusBuster 4.3.26:9 2007.12.17 Trojan.DR.Dirat.Gen
Webwasher-Gateway 6.6.2 2007.12.18 Trojan.Crypt.XPACK.Gen[/QUOTE]Дополнительная информация
File size: 12868 bytes
MD5: 9d537c85b5071a82695474ca45621822
SHA1: 9f6b2251125a4751f593ad693b564470839d48c5
PEiD: BlackEnergy DDoS Bot Crypter
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=9d537c85b5071a82695474ca45621822[/url]
18.12.2007, 21:10
rubin

\com\lsass.exe
Файл avz00002.dta получен 2007.12.18 18:09:58 (CET)
[code]AhnLab-V3 2007.12.19.10 2007.12.18 -
AntiVir 7.6.0.45 2007.12.18 TR/Agent.dzc.1
Authentium 4.93.8 2007.12.18 -
Avast 4.7.1098.0 2007.12.17 -
AVG 7.5.0.503 2007.12.17 Downloader.Agent.14.R
BitDefender 7.2 2007.12.18 Trojan.Pinx.A
CAT-QuickHeal 9.00 2007.12.18 -
ClamAV 0.91.2 2007.12.18 -
DrWeb 4.44.0.09170 2007.12.18 -
eSafe 7.0.15.0 2007.12.18 -
eTrust-Vet 31.3.5385 2007.12.18 -
Ewido 4.0 2007.12.18 -
FileAdvisor 1 2007.12.18 -
Fortinet 3.14.0.0 2007.12.18 -
F-Prot 4.4.2.54 2007.12.18 W32/BadBHO.A.gen!Eldorado
F-Secure 6.70.13030.0 2007.12.18 -
Ikarus T3.1.1.15 2007.12.18 -
Kaspersky 7.0.0.125 2007.12.18 -
McAfee 5187 2007.12.17 W32/Fujacks
Microsoft 1.3109 2007.12.18 -
NOD32v2 2730 2007.12.18 -
Norman 5.80.02 2007.12.18 -
Panda 9.0.0.4 2007.12.18 Adware/BaiduBar
Prevx1 V2 2007.12.18 Heuristic: Suspicious File With Bad Child Associations
Rising 20.23.12.00 2007.12.18 Worm.Win32.DiskGen.ay
Sophos 4.24.0 2007.12.18 Mal/Packer
Sunbelt 2.2.907.0 2007.12.18 -
Symantec 10 2007.12.18 W32.Pagipef.I
TheHacker 6.2.9.163 2007.12.18 -
VBA32 3.12.2.5 2007.12.17 -
VirusBuster 4.3.26:9 2007.12.18 Packed/FSG
Webwasher-Gateway 6.6.2 2007.12.18 Trojan.Agent.dzc.1[/code]
Дополнительная информация
File size: 102400 bytes
MD5: 6d8280c2b3a8265efe330a50c7db8312
SHA1: c3e2a50cac6b58a7666c934420a381083a2ea899
PEiD: Armadillo v1.71
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=18F14A9000FC2FAB902901F2CF2EBE000ABE57DC[/url]
19.12.2007, 06:41
santy

File _msntsrv.exe_ received on 12.18.2007 22:24:34 (CET)
Result: 2/32 (6.25%)
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
[b]eSafe - - Suspicious File[/b]
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
[b]NOD32v2 - - a variant of Win32/Injector.F[/b]
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: 0c31e0783fda89f9f5daff4861fc1f86
19.12.2007, 21:15
rubin

t=15470
айл avz00002.dta получен 2007.12.19 19:07:31 (CET)
[code]AhnLab-V3 2007.12.20.10 2007.12.19 -
AntiVir 7.6.0.45 2007.12.19 -
Authentium 4.93.8 2007.12.19 -
Avast 4.7.1098.0 2007.12.18 -
AVG 7.5.0.503 2007.12.19 -
BitDefender 7.2 2007.12.19 -
CAT-QuickHeal 9.00 2007.12.19 -
ClamAV 0.91.2 2007.12.19 -
DrWeb 4.44.0.09170 2007.12.19 -
eSafe 7.0.15.0 2007.12.19 -
eTrust-Vet 31.3.5386 2007.12.18 -
Ewido 4.0 2007.12.19 -
FileAdvisor 1 2007.12.19 -
Fortinet 3.14.0.0 2007.12.19 -
F-Prot 4.4.2.54 2007.12.18 -
F-Secure 6.70.13030.0 2007.12.19 -
Ikarus T3.1.1.15 2007.12.19 -
[b]Kaspersky 7.0.0.125 2007.12.19 SpamTool.Win32.Agent.ee[/b]
McAfee 5189 2007.12.19 -
Microsoft 1.3109 2007.12.19 -
NOD32v2 2734 2007.12.19 -
Norman 5.80.02 2007.12.19 -
Panda 9.0.0.4 2007.12.18 -
[b]Prevx1 V2 2007.12.19 SystemPoser:Trojan-a[/b]
Rising 20.23.22.00 2007.12.19 -
Sophos 4.24.0 2007.12.19 -
Sunbelt 2.2.907.0 2007.12.19 -
Symantec 10 2007.12.19 -
TheHacker 6.2.9.165 2007.12.19 -
VBA32 3.12.2.5 2007.12.19 -
VirusBuster 4.3.26:9 2007.12.19 -
Webwasher-Gateway 6.6.2 2007.12.19 -[/code]
Дополнительная информация
File size: 33280 bytes
MD5: 182d10f02592b398575cb25bccc8ad8b
SHA1: e9eabd6d65b65a72056fdf9bd287333c17bd0495
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=0B11785700275687820A007150F3520000CD71DE[/url]
19.12.2007, 21:58
XL

Файл ndisrd.sys получен 2007.12.19 19:45:21

[CODE]AhnLab-V3 2007.12.20.10 2007.12.19 -
[B]AntiVir 7.6.0.45 2007.12.19 TR/Dldr.Small.AQI.3[/B]
Authentium 4.93.8 2007.12.19 -
Avast 4.7.1098.0 2007.12.18 -
[B]AVG 7.5.0.503 2007.12.19 Generic5.LQN
BitDefender 7.2 2007.12.19 Trojan.Generic.61039[/B]
CAT-QuickHeal 9.00 2007.12.19 -
ClamAV 0.91.2 2007.12.19 -
DrWeb 4.44.0.09170 2007.12.19 -
eSafe 7.0.15.0 2007.12.19 -
eTrust-Vet 31.3.5387 2007.12.19 -
[B]Ewido 4.0 2007.12.19 Downloader.Small
FileAdvisor 1 2007.12.19 High threat detected
Fortinet 3.14.0.0 2007.12.19 W32/Small.AQI!tr
F-Prot 4.4.2.54 2007.12.18 W32/DownloaderX.UDM
F-Secure 6.70.13030.0 2007.12.19 W32/Smalltroj.LRX[/B]
Ikarus T3.1.1.15 2007.12.19 -
Kaspersky 7.0.0.125 2007.12.19 -
McAfee 5189 2007.12.19 -
[B]Microsoft 1.3109 2007.12.19 TrojanDownloader:Win32/Small[/B]
NOD32v2 2734 2007.12.19 -
[B]Norman 5.80.02 2007.12.19 W32/Smalltroj.LRX[/B]
Panda 9.0.0.4 2007.12.18 -
Prevx1 V2 2007.12.19 -
Rising 20.23.22.00 2007.12.19 -
Sophos 4.24.0 2007.12.19 -
Sunbelt 2.2.907.0 2007.12.19 -
Symantec 10 2007.12.19 -
TheHacker 6.2.9.165 2007.12.19 -
VBA32 3.12.2.5 2007.12.19 -
VirusBuster 4.3.26:9 2007.12.19 -
[B]Webwasher-Gateway 6.6.2 2007.12.19 Trojan.Dldr.Small.AQI.3[/B]

File size: 15338 bytes
MD5: 62d4ef02daab1e5a32a2dee911bbb8a2[/CODE]
22.12.2007, 12:38
Макcим

Файл avz00005.dta получен 2007.12.22 10:30:48 (CET)
[QUOTE]AhnLab-V3 2007.12.22.10 2007.12.21 [B][B]Win-Trojan/Conhook.121876.D
AntiVir 7.6.0.46 2007.12.21 TR/Dldr.ConHook.Gen[/B][/B]
Authentium 4.93.8 2007.12.21 -
[B]Avast 4.7.1098.0 2007.12.21 Win32:Adware-gen
AVG 7.5.0.503 2007.12.21 Adware Generic2.WJX
BitDefender 7.2 2007.12.22 Trojan.Conhook.Y
CAT-QuickHeal 9.00 2007.12.22 AdWare.BHO.nv (Not a Virus)
ClamAV 0.91.2 2007.12.22 Adware.BHO-181
DrWeb 4.44.0.09170 2007.12.21 Adware.Crew
eSafe 7.0.15.0 2007.12.20 Suspicious File[/B]
eTrust-Vet 31.3.5395 2007.12.21 -
Ewido 4.0 2007.12.21 -
FileAdvisor 1 2007.12.22 -
Fortinet 3.14.0.0 2007.12.22 -
[B]F-Prot 4.4.2.54 2007.12.21 W32/Heuristic-162!Eldorado[/B]
F-Secure 6.70.13030.0 2007.12.21 -
[B]Ikarus T3.1.1.15 2007.12.22 Trojan.Conhook.Y[/B]
Kaspersky 7.0.0.125 2007.12.22 -
McAfee 5191 2007.12.21 -
[B]Microsoft 1.3109 2007.12.22 VirTool:Win32/Obfuscator.Q
NOD32v2 2740 2007.12.21 Win32/Adware.BHO.V[/B]
Norman 5.80.02 2007.12.21 -
[B]Panda 9.0.0.4 2007.12.22 Suspicious file
Prevx1 V2 2007.12.22 Generic.Malware[/B]
Rising 20.23.51.00 2007.12.22 -
[B]Sophos 4.24.0 2007.12.22 Mal/BHO-C[/B]
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.22 -
TheHacker 6.2.9.167 2007.12.21 -
VBA32 3.12.2.5 2007.12.21 -
VirusBuster 4.3.26:9 2007.12.21 -
[B]Webwasher-Gateway 6.6.2 2007.12.22 Trojan.Dldr.ConHook.Gen[/B][/QUOTE]Дополнительная информация
File size: 121876 bytes
MD5: a4693d78511723681930fb2fc144e1b6
SHA1: de04b3a37b95f3a16f556b74124c521856a8d563
PEiD: -
packers: Morphine
packers: Morphine
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=68EC51D314B80545DCD30124EBFEEF006D771E7E[/url]
24.12.2007, 12:14
Shu_b

t-15578
[CODE]File jkklm.dll received on 12.24.2007 10:05:58 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.24.10 2007.12.24 -
[B]AntiVir 7.6.0.46 2007.12.24 TR/Agent.316512[/B]
Authentium 4.93.8 2007.12.23 -
Avast 4.7.1098.0 2007.12.23 -
[B]AVG 7.5.0.516 2007.12.23 BHO.CTB
BitDefender 7.2 2007.12.24 Trojan.Vundo.DRM[/B]
CAT-QuickHeal 9.00 2007.12.22 -
ClamAV 0.91.2 2007.12.24 -
DrWeb 4.44.0.09170 2007.12.24 -
eSafe 7.0.15.0 2007.12.23 -
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.23 -
FileAdvisor 1 2007.12.24 -
Fortinet 3.14.0.0 2007.12.24 -
[B]F-Prot 4.4.2.54 2007.12.23 W32/Virtumonde.G.gen!Eldorado
F-Secure 6.70.13030.0 2007.12.24 Vundo.gen49
Ikarus T3.1.1.15 2007.12.24 Trojan.Vundo.DRM[/B]
Kaspersky 7.0.0.125 2007.12.24 -
McAfee 5191 2007.12.21 -
[B]Microsoft 1.3109 2007.12.24 Trojan:Win32/Vundo.gen!A
[/B]NOD32v2 2744 2007.12.23 -
[B]Norman 5.80.02 2007.12.21 Vundo.gen49
Panda 9.0.0.4 2007.12.23 Spyware/Vundo
Prevx1 V2 2007.12.24 Rogue Antispyware:All Strains-All Variants
[/B]Rising 20.24.00.00 2007.12.24 -
Sophos 4.24.0 2007.12.24 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.24 -
TheHacker 6.2.9.168 2007.12.22 -
VBA32 3.12.2.5 2007.12.22 -
[B]VirusBuster 4.3.26:9 2007.12.23 Adware.Vundo.V.Gen
Webwasher-Gateway 6.6.2 2007.12.24 Trojan.Agent.316512
[/B]Additional information
File size: 316512 bytes
MD5: 03cb87e667cd31645b6f4256c4c6cbaa[/CODE][CODE]File eotfkuyf.dll received on 12.24.2007 10:05:44 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.24.10 2007.12.24 -
[B]AntiVir 7.6.0.46 2007.12.24 TR/Vundo.Gen
[/B]Authentium 4.93.8 2007.12.23 -
Avast 4.7.1098.0 2007.12.23 -
[B]AVG 7.5.0.516 2007.12.23 Obfustat.ADEL
[/B]BitDefender 7.2 2007.12.24 -
CAT-QuickHeal 9.00 2007.12.22 -
ClamAV 0.91.2 2007.12.24 -
[B]DrWeb 4.44.0.09170 2007.12.24 Trojan.Virtumod.251
eSafe 7.0.15.0 2007.12.23 Suspicious File
eTrust-Vet 31.3.5400 2007.12.24 Win32/Vundo.IX
[/B]Ewido 4.0 2007.12.23 -
FileAdvisor 1 2007.12.24 -
Fortinet 3.14.0.0 2007.12.24 -
[B]F-Prot 4.4.2.54 2007.12.23 W32/Virtumonde.G.gen!Eldorado
[/B]F-Secure 6.70.13030.0 2007.12.24 -
Ikarus T3.1.1.15 2007.12.24 -
Kaspersky 7.0.0.125 2007.12.24 -
McAfee 5191 2007.12.21 -
[B]Microsoft 1.3109 2007.12.24 Trojan:Win32/Vundo.gen!A
[/B]NOD32v2 2744 2007.12.23 -
Norman 5.80.02 2007.12.21 -
[B]Panda 9.0.0.4 2007.12.23 Spyware/Virtumonde
[/B]Prevx1 V2 2007.12.24 -
Rising 20.24.00.00 2007.12.24 -
[B]Sophos 4.24.0 2007.12.24 Troj/Virtum-Gen
[/B]Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.24 -
[B]TheHacker 6.2.9.168 2007.12.22 Adware/SecToolBar.y
[/B]VBA32 3.12.2.5 2007.12.22 -
[B]VirusBuster 4.3.26:9 2007.12.23 Adware.Vundo.V.Gen
Webwasher-Gateway 6.6.2 2007.12.24 Trojan.Vundo.Gen
[/B]Additional information
File size: 165472 bytes
MD5: 0e0691c9faf2a69a96d44ac24bb281c3[/CODE]
24.12.2007, 17:15
vlad179

Файл avz00001.dta получен 2007.12.24 12:00:39 (CET)

Антивирус Версия Обновление Результат
AhnLab-V3 2007.12.24.10 2007.12.24 -
AntiVir 7.6.0.46 2007.12.24 [B]DR/Delphi.Gen[/B]
Authentium 4.93.8 2007.12.23 -
Avast 4.7.1098.0 2007.12.24 -
AVG 7.5.0.516 2007.12.23 [B]Agent.MCC[/B]
BitDefender 7.2 2007.12.24 [B]Trojan.PSW.LdPinch.AKX[/B]
CAT-QuickHeal 9.00 2007.12.22 -
ClamAV 0.91.2 2007.12.24 -
DrWeb 4.44.0.09170 2007.12.24 -
eSafe 7.0.15.0 2007.12.23 -
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.24 -
FileAdvisor 1 2007.12.24 -
Fortinet 3.14.0.0 2007.12.24 [B]W32/Dropper.DMW!tr[/B]
F-Prot 4.4.2.54 2007.12.23 -
F-Secure 6.70.13030.0 2007.12.24 [B]Trojan.Win32.Agent.dmw[/B]
Ikarus T3.1.1.15 2007.12.24 [B]Virus.Win32.Zapchast.DA[/B]
Kaspersky 7.0.0.125 2007.12.24 [B]Trojan.Win32.Agent.dmw[/B]
McAfee 5191 2007.12.21 -
Microsoft 1.3109 2007.12.24 [B]VirTool:Win32/DelfInject.gen!AA[/B]
NOD32v2 2745 2007.12.24 -
Norman 5.80.02 2007.12.24 [B]LdPinch.STT[/B]
Panda 9.0.0.4 2007.12.23 -
Prevx1 V2 2007.12.24 -
Rising 20.24.01.00 2007.12.24 [B]Trojan.DL.Win32.Agent.bxw[/B]
Sophos 4.24.0 2007.12.24 [B]Mal/Dropper-T[/B]
Sunbelt 2.2.907.0 2007.12.21 -
TheHacker 6.2.9.168 2007.12.22 [B]Trojan/Agent.dmw[/B]
VBA32 3.12.2.5 2007.12.22 -
VirusBuster 4.3.26:9 2007.12.23 -
Webwasher-Gateway 6.6.2 2007.12.24 [B]Trojan.Dropper.Delphi.Gen[/B]

Дополнительная информация
File size: 42496 bytes
MD5: e52ef0b4afca6e89c1bb2abdeb59543c
SHA1: dc1bd5e85c38918777f928ac398642dee3d997bb
PEiD: -
24.12.2007, 22:03
strawser

File Keylog.zip received on 12.03.2007 14:14:43 (CET)
Current status: finished
Result: 26/32 (81.25%)
Version Last Update Result
AhnLab-V3 - - -
[B]AntiVir - - TR/SPY.KeyLogger.LF
Authentium - - W32/Trojan.OGD
Avast - - Win32:Keylogger-DO
AVG - - PSW.Generic2.LFE
BitDefender - - Trojan.Spy.Keylogger.LF[/B]
CAT-QuickHeal - -
ClamAV - - -
DrWeb - - -
[B]eSafe - - Win32.Trojan
eTrust-Vet - - Win32/VMalum.ANED
Ewido - - Logger.KeyLogger.lf
FileAdvisor - - High threat detected
Fortinet - - Spy/KeyLogger
F-Prot - - W32/Trojan.OGD
F-Secure - - Trojan-Spy.Win32.KeyLogger.lf
Ikarus - - Trojan-Spy.Win32.KeyLogger.lf
Kaspersky - - Trojan-Spy.Win32.KeyLogger.lf
McAfee - - Generic.do[/B]
Microsoft - - -
[B]NOD32v2 - - Win32/Spy.KeyLogger.LF
Norman - - W32/Keylog.BAM
Panda - - Trj/Keylog.LH[/B]
Prevx1 - - -
[B]Rising - - Trojan.Spy.KeyLogger.agx
Sophos - - Mal/Generic-A
Sunbelt - - Trojan-Spy.Win32.KeyLogger.lf
Symantec - - Infostealer
TheHacker - - Trojan/Spy.KeyLogger.lf
VBA32 - - Trojan-Spy.Win32.KeyLogger.lf
VirusBuster - - TrojanSpy.KeyLogger.JX
Webwasher-Gateway - - Trojan.SPY.KeyLogger.LF[/B]

Additional information
MD5: 8935a514da0aac5d8828c4afa37a6c08

File Trojan_Spy_Banker_qez.rar received on 12.24.2007 15:38:13 (CET)
Current status: finished
Result: 6/32 (18.75%)
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
[B]CAT-QuickHeal - - TrojanSpy.Banker.gez[/B]
ClamAV - - -
[B]DrWeb - - Adware.MoneyGainer[/B]
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
[B]F-Prot - - W32/Banker.BBZT[/B]
F-Secure - - -
[B]Ikarus - - Trojan-Spy.Win32.Banker.gez[/B]
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
[B]Prevx1 - - Heuristic: Suspicious File With Bad Child Associations[/B]
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
[B]VBA32 - - Trojan-Spy.Win32.Banker.gez[/B]
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: b6aaf0e414282bd28a625f09e88d0e8c

[B]Mcafee ???[/B]

Trojan_program_Rootkit.Win32.Agen received on 12.24.2007 15:43:58 (CET)
Current status: finished
Result: 24/32 (75%)
Antivirus Version Last Update Result
AhnLab-V3 - - -
[B]AntiVir - - TR/Crypt.XDR.Gen[/B]
Authentium - - -
[B]Avast - - Win32:Trojan-gen {UPX}
AVG - - Dropper.Agent.9.Q
BitDefender - - Trojan.Srizbi.T
CAT-QuickHeal - - Rootkit.Agent.ld[/B]
ClamAV - - -
[B]DrWeb - - Trojan.NtRootKit.493
eSafe - - Rootkit.Win32.Agent.[/B]
eTrust-Vet - - -
[B]Ewido - - Rootkit.Agent.ld[/B]
FileAdvisor - - -
[B]Fortinet - - W32/Agent.LD!tr.rkit
F-Prot - - W32/Rootkit.AGQ
F-Secure - - Rootkit.Win32.Agent.ld
Ikarus - - Trojan.Srizbi.T
Kaspersky - - Rootkit.Win32.Agent.ld[/B]
McAfee - - -
[B]Microsoft - - Trojan:Win32/Agent
NOD32v2 - - probably a variant of Win32/Rootkit[/B]
Norman - - -
[B]Panda - - Trj/Downloader.MDW
Prevx1 - - Generic.Malware
Rising - - RootKit.Win32.Agent.ld
Sophos - - Mal/Generic-A
Sunbelt - - Trojan.Srizbi.T
Symantec - - Trojan.Srizbi
TheHacker - - Trojan/Agent.ld
VBA32 - - Rootkit.Win32.Agent.ld[/B]
VirusBuster - - -
[B]Webwasher-Gateway - - Trojan.Crypt.XDR.Gen[/B]
Additional information
MD5: 04d5a112d079eee44f7df7f3557a7c3f
25.12.2007, 01:26
drongo

[code]Файл avz00001.dta получен 2007.12.24 23:19:03 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.12.25.10 2007.12.24 -
[B]AntiVir 7.6.0.46 2007.12.24 TR/Hijacker.Gen[/B]
Authentium 4.93.8 2007.12.23 -
[B]Avast 4.7.1098.0 2007.12.24 Win32:Small-IKB
AVG 7.5.0.516 2007.12.24 Downloader.Small.60.AO[/B]
BitDefender 7.2 2007.12.24 -
CAT-QuickHeal 9.00 2007.12.24 -
ClamAV 0.91.2 2007.12.24 -
DrWeb 4.44.0.09170 2007.12.24 -
[B]eSafe 7.0.15.0 2007.12.24 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.24 -
FileAdvisor 1 2007.12.24 -
Fortinet 3.14.0.0 2007.12.24 -
F-Prot 4.4.2.54 2007.12.23 -
F-Secure 6.70.13030.0 2007.12.24 -
[B]Ikarus T3.1.1.15 2007.12.24 Virus.Win32.Small.IKB[/B]
Kaspersky 7.0.0.125 2007.12.24 -
McAfee 5192 2007.12.24 -
[B]Microsoft 1.3109 2007.12.24 VirTool:Win32/Obfuscator!Mal[/B]
NOD32v2 2745 2007.12.24 -
Norman 5.80.02 2007.12.24 -
Panda 9.0.0.4 2007.12.24 -
Prevx1 V2 2007.12.24 -
Rising 20.24.02.00 2007.12.24 -
Sophos 4.24.0 2007.12.24 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.24 -
TheHacker 6.2.9.168 2007.12.22 -
VBA32 3.12.2.5 2007.12.24 -
VirusBuster 4.3.26:9 2007.12.24 -
[B]Webwasher-Gateway 6.6.2 2007.12.24 Trojan.Hijacker.Gen[/B]
Дополнительная информация
File size: 8192 bytes
MD5: 71629f64d4a92d29d4e5932e17931a05
SHA1: 55d4c70ec497b15a7c49257a4f82d032b7b47938
PEiD: -
packers: UPX
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX[/code]
25.12.2007, 08:26
Shu_b

t=15629[CODE]File cssrss.exe received on 12.25.2007 06:20:01 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.25.10 2007.12.24 -
[b]AntiVir 7.6.0.46 2007.12.24 TR/Crypt.XPACK.Gen[/b]
Authentium 4.93.8 2007.12.24 -
Avast 4.7.1098.0 2007.12.24 -
AVG 7.5.0.516 2007.12.24 -
BitDefender 7.2 2007.12.25 -
CAT-QuickHeal 9.00 2007.12.25 -
ClamAV 0.91.2 2007.12.25 -
DrWeb 4.44.0.09170 2007.12.24 -
eSafe 7.0.15.0 2007.12.24 -
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.24 -
FileAdvisor 1 2007.12.25 -
Fortinet 3.14.0.0 2007.12.25 -
F-Prot 4.4.2.54 2007.12.24 -
F-Secure 6.70.13030.0 2007.12.24 -
Ikarus T3.1.1.15 2007.12.25 -
Kaspersky 7.0.0.125 2007.12.25 -
McAfee 5192 2007.12.24 -
Microsoft 1.3109 2007.12.25 -
NOD32v2 2746 2007.12.25 -
Norman 5.80.02 2007.12.24 -
Panda 9.0.0.4 2007.12.24 -
Prevx1 V2 2007.12.25 -
Rising 20.24.02.00 2007.12.24 -
Sophos 4.24.0 2007.12.24 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.25 -
TheHacker 6.2.9.168 2007.12.22 -
VBA32 3.12.2.5 2007.12.24 -
VirusBuster 4.3.26:9 2007.12.24 -
[b]Webwasher-Gateway 6.6.2 2007.12.25 Trojan.Crypt.XPACK.Gen[/b]
Additional information
File size: 35840 bytes
MD5: 1c1e3c1e4109f5f9e15d147c91326c13[/CODE]
25.12.2007, 12:53
Shu_b

[QUOTE=strawser;164091]File askBarSetup.zip received on 12.05.2007 08:34:36 (CET)[/QUOTE]

сегодня 25.12, а не 5.12... :-(

[size="1"][color="#666686"][B][I]Добавлено через 1 час 36 минут[/I][/B][/color][/size]

t-15645[CODE]File user32.dat received on 12.25.2007 10:46:25 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.25.10 2007.12.24 -
AntiVir 7.6.0.46 2007.12.24 -
Authentium 4.93.8 2007.12.24 -
[B]Avast 4.7.1098.0 2007.12.24 Win32:Tibs-ADO[/B]
AVG 7.5.0.516 2007.12.24 -
BitDefender 7.2 2007.12.25 -
CAT-QuickHeal 9.00 2007.12.25 -
ClamAV 0.91.2 2007.12.25 -
DrWeb 4.44.0.09170 2007.12.25 -
[B]eSafe 7.0.15.0 2007.12.24 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.24 -
FileAdvisor 1 2007.12.25 -
Fortinet 3.14.0.0 2007.12.25 -
F-Prot 4.4.2.54 2007.12.24 -
F-Secure 6.70.13030.0 2007.12.24 -
[B]Ikarus T3.1.1.15 2007.12.25 Virus.Win32.Tibs.ADO
Kaspersky 7.0.0.125 2007.12.25 Trojan-Clicker.Win32.Agent.ph[/B]
McAfee 5192 2007.12.24 -
Microsoft 1.3109 2007.12.25 -
NOD32v2 2746 2007.12.25 -
Norman 5.80.02 2007.12.24 -
Panda 9.0.0.4 2007.12.24 -
[B]Prevx1 V2 2007.12.25 Heuristic: Suspicious File With Bad Parent Associations[/B]
Rising 20.24.11.00 2007.12.25 -
Sophos 4.24.0 2007.12.25 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.25 -
TheHacker 6.2.9.168 2007.12.22 -
VBA32 3.12.2.5 2007.12.24 -
VirusBuster 4.3.26:9 2007.12.24 -
[B]Webwasher-Gateway 6.6.2 2007.12.25 Win32.UPXpacked.gen (suspicious)[/B]
Additional information
File size: 6144 bytes
MD5: b7d2d09d310a8c86ff706b5b9b84593d
SHA1: 50c91dadee58fd8c7a7c7013e2178bb55dbeb0b0
PEiD: -
packers: UPX[/CODE]
25.12.2007, 13:11
strawser

[QUOTE=Shu_b;164093]сегодня 25.12, а не 5.12... :-( [/QUOTE]

Да,прошу прощения. Скопировал старый лог. Вот новый.Dr web уже знает этого зверя, а F-pot почему-то уже нет.

File askBarSetup.zip received on 12.25.2007 11:05:11 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.12.25.10 2007.12.24 -
AntiVir 7.6.0.46 2007.12.24 -
Authentium 4.93.8 2007.12.25 -
Avast 4.7.1098.0 2007.12.24 -
AVG 7.5.0.516 2007.12.24 -
BitDefender 7.2 2007.12.25 -
CAT-QuickHeal 9.00 2007.12.25 -
ClamAV 0.91.2 2007.12.25 -
[B]DrWeb 4.44.0.09170 2007.12.25 Adware.Msearch[/B]
eSafe 7.0.15.0 2007.12.24 -
eTrust-Vet 31.3.5400 2007.12.24 -
Ewido 4.0 2007.12.24 -
FileAdvisor 1 2007.12.25 -
Fortinet 3.14.0.0 2007.12.25 -
F-Prot 4.4.2.54 2007.12.24 -
F-Secure 6.70.13030.0 2007.12.24 -
Ikarus T3.1.1.15 2007.12.25 -
Kaspersky 7.0.0.125 2007.12.25 -
McAfee 5192 2007.12.24 -
Microsoft 1.3109 2007.12.25 -
[B]NOD32v2 2746 2007.12.25 a variant of Win32/AdInstaller[/B]
Norman 5.80.02 2007.12.24 -
Panda 9.0.0.4 2007.12.24 -
[B]Prevx1 V2 2007.12.25 Heuristic: Suspicious Hijacker[/B]
Rising 20.24.11.00 2007.12.25 -
Sophos 4.24.0 2007.12.25 -
Sunbelt 2.2.907.0 2007.12.21 -
Symantec 10 2007.12.25 -
TheHacker 6.2.9.168 2007.12.22 -
[B]VBA32 3.12.2.5 2007.12.24 suspected of Trojan-Dropper.Delf.36 (paranoid heuristics)[/B]
VirusBuster 4.3.26:9 2007.12.24 -
Webwasher-Gateway 6.6.2 2007.12.25 -
Additional information
File size: 517576 bytes
MD5: 170996a490c22b2c1c77b89067280d9e
SHA1: a59d0e8b21b186a7f7c2f727456484a61be873ac
PEiD: -
25.12.2007, 15:55
Shu_b

[QUOTE=strawser;164119]Вот новый.Dr web уже знает этого зверя {cut}[/QUOTE]

Это неизвестно, на вирустотале только недавно "отремонтировали" Drweb чтоб он adware показывал.

ps. если не трудно, зашлите по ссылке (в zip'e, с паролем virus) - [url]http://virusinfo.info/upload_virus.php?tid=12941[/url]

Показывать 40 сообщений этой темы на одной странице