Исследование антивирусов 4

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.09.2006, 10:58:53 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.09.2006 TR/Dldr.Horst.FU.1
Authentium 4.93.8 11.08.2006 no virus found
Avast 4.7.892.0 11.07.2006 no virus found
AVG 386 11.08.2006 Proxy.24.BU
BitDefender 7.2 11.09.2006 no virus found
CAT-QuickHeal 8.00 11.08.2006 Trojan.Horst.gen
ClamAV devel-20060426 11.09.2006 no virus found
DrWeb 4.33 11.09.2006 no virus found
eTrust-InoculateIT 23.73.50 11.09.2006 no virus found
eTrust-Vet 30.3.3184 11.09.2006 no virus found
Ewido 4.0 11.08.2006 no virus found
Fortinet 2.82.0.0 11.09.2006 no virus found
F-Prot 3.16f 11.08.2006 no virus found
F-Prot4 4.2.1.29 11.08.2006 no virus found
Ikarus 0.2.65.0 11.09.2006 no virus found
Kaspersky 4.0.2.24 11.09.2006 no virus found
McAfee 4891 11.08.2006 no virus found
Microsoft 1.1609 11.09.2006 no virus found
NOD32v2 1.1859 11.08.2006 no virus found
Norman 5.80.02 11.09.2006 no virus found
Panda 9.0.0.4 11.08.2006 Suspicious file
Sophos 4.11.0 11.07.2006 Mal/Behav-080
TheHacker 6.0.1.116 11.09.2006 Trojan/Horst.b2
UNA 1.83 11.09.2006 no virus found
VBA32 3.11.1 11.08.2006 no virus found
VirusBuster 4.3.15:9 11.08.2006 no virus found


Aditional Information
File size: 38591 bytes
MD5: 48b019996a8ea1f6ed7591c8eabe2c6f
SHA1: 85ea2b17d3a415c669d0d09177b6e1e89748885e
packers: UPX
ЛК: Trojan-Proxy.Win32.Horst

реальный паразитический вирус:

Complete scanning result of "Frozen_Throne.exe", received in VirusTotal at 11.10.2006, 07:14:50 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.09.2006 no virus found
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.09.2006 no virus found
BitDefender 7.2 11.10.2006 no virus found
CAT-QuickHeal 8.00 11.09.2006 no virus found
ClamAV devel-20060426 11.10.2006 no virus found
DrWeb 4.33 11.09.2006 no virus found
eTrust-InoculateIT 23.73.51 11.10.2006 no virus found
eTrust-Vet 30.3.3184 11.09.2006 no virus found
Ewido 4.0 11.09.2006 no virus found
Fortinet 2.82.0.0 11.10.2006 suspicious
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.09.2006 no virus found
Ikarus 0.2.65.0 11.09.2006 no virus found
Kaspersky 4.0.2.24 11.10.2006 no virus found
McAfee 4892 11.09.2006 no virus found
Microsoft 1.1609 11.10.2006 no virus found
NOD32v2 1860 11.09.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.09.2006 no virus found
Panda 9.0.0.4 11.09.2006 Suspicious file
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.09.2006 no virus found
VBA32 3.11.1 11.09.2006 no virus found
VirusBuster 4.3.15:9 11.09.2006 no virus found


Aditional Information
File size: 393216 bytes
MD5: e86576091ff40c2e2c03704f59fb368f
SHA1: b2ddbbfdbb07e3a35864b6bc919b8aa122a89692
packers: BINARYRES

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.10.2006, 09:34:55 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.10.2006 no virus found
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.09.2006 Downloader.Zlob.DP
BitDefender 7.2 11.10.2006 Trojan.Downloader.Zlob.BM
CAT-QuickHeal 8.00 11.10.2006 no virus found
ClamAV devel-20060426 11.10.2006 no virus found
DrWeb 4.33 11.10.2006 no virus found
eTrust-InoculateIT 23.73.51 11.10.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.09.2006 no virus found
Fortinet 2.82.0.0 11.10.2006 suspicious
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.09.2006 no virus found
Ikarus 0.2.65.0 11.09.2006 no virus found
Kaspersky 4.0.2.24 11.10.2006 Trojan-Downloader.Win32.Zlob.avo
McAfee 4892 11.09.2006 no virus found
Microsoft 1.1609 11.10.2006 no virus found
NOD32v2 1860 11.09.2006 no virus found
Norman 5.80.02 11.09.2006 no virus found
Panda 9.0.0.4 11.09.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.09.2006 no virus found
VBA32 3.11.1 11.09.2006 no virus found
VirusBuster 4.3.15:9 11.09.2006 no virus found


Aditional Information
File size: 54142 bytes
MD5: 80cb1cf08d9347df839c2a081af9a52d
SHA1: e40e8ed3fe84eb4fbbe0242618310533fd45b7ee
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

То же, что и в предыдущем скане Al.G-n, но уже свежее.
AntiVir 7.2.0.39 11.10.2006 no virus found
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
[B]AVG 386 11.09.2006 Downloader.Zlob.DP[/B]
BitDefender 7.2 11.10.2006 no virus found
CAT-QuickHeal 8.00 11.10.2006 no virus found
ClamAV devel-20060426 11.10.2006 no virus found
DrWeb 4.33 11.10.2006 no virus found
eTrust-InoculateIT 23.73.51 11.10.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.10.2006 no virus found
[B]Fortinet 2.82.0.0 11.10.2006 suspicious[/B]
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.09.2006 no virus found
Ikarus 0.2.65.0 11.09.2006 no virus found
Kaspersky 4.0.2.24 11.10.2006 no virus found
McAfee 4892 11.09.2006 no virus found
Microsoft 1.1609 11.10.2006 no virus found
NOD32v2 1861 11.10.2006 no virus found
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.09.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.09.2006 no virus found
VBA32 3.11.1 11.09.2006 no virus found
VirusBuster 4.3.15:9 11.09.2006 no virus found

из темы [url]http://virusinfo.info/showthread.php?p=83680[/url]
только два антивируса что-то видят:
Fortinet 2.82.0.0 11.11.2006 suspicious
VirusBuster 4.3.15:9 11.10.2006 Trojan.DL.Obfusc.Gen.4

у остальных "no virus found"

Complete scanning result of "bl4ck.com", received in VirusTotal at 11.11.2006, 13:37:36 (CET).

Antivirus Version Update Result
[b]AntiVir 7.2.0.39 11.10.2006 TR/Proxy.Xorpix.AR.3[/b]
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.10.2006 no virus found
BitDefender 7.2 11.11.2006 no virus found
CAT-QuickHeal 8.00 11.10.2006 no virus found
ClamAV devel-20060426 11.11.2006 no virus found
[b]DrWeb 4.33 11.11.2006 Trojan.MulDrop.4482[/b]
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.10.2006 no virus found
Fortinet 2.82.0.0 11.11.2006 suspicious
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.11.2006 no virus found
McAfee 4893 11.10.2006 no virus found
Microsoft 1.1609 11.11.2006 no virus found
[b]NOD32v2 1862 11.10.2006 a variant of Win32/Agent.OH[/b]
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.10.2006 no virus found
[b]Sophos 4.11.0 11.07.2006 Mal/Packer[/b]
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.10.2006 no virus found
[b]VBA32 3.11.1 11.10.2006 Trojan.MulDrop.4482[/b]
VirusBuster 4.3.15:9 11.10.2006 no virus found


Aditional Information
File size: 18432 bytes
MD5: c1d37d9be679709f8f3dd145293c95b3
SHA1: 1f329dc5c64c29dfbd47d6a850d8d11a69d2ace6


Sat, 11 Nov 2006 16:57:58 +0300 (MSK)

Дроппер Trojan-Proxy.Win32.Xorpix
дропнутый файл уже детектируется. дроппер добавим в очередное обновление баз.

--
Regards, Aleks Gostev
Senior Virus analyst, Kaspersky Lab.
Malware Research and Analysis Group

Complete scanning result of "CGraph_Biz_-_download___1089", received in VirusTotal at 11.11.2006, 13:43:28 (CET).

Antivirus Version Update Result
[b]AntiVir 7.2.0.39 11.10.2006 HEUR/Exploit.HTML[/b]
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
[b]AVG 386 11.10.2006 Exploit[/b]
[b]BitDefender 7.2 11.11.2006 Generic.XPL.IESpoof.08380557[/b]
CAT-QuickHeal 8.00 11.10.2006 no virus found
[b]ClamAV devel-20060426 11.11.2006 Exploit.MS05-013[/b]
DrWeb 4.33 11.11.2006 no virus found
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.10.2006 no virus found
Fortinet 2.82.0.0 11.11.2006 no virus found
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.11.2006 no virus found
[b]McAfee 4893 11.10.2006 Exploit-IEPageSpoof[/b]
Microsoft 1.1609 11.11.2006 no virus found
NOD32v2 1862 11.10.2006 no virus found
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.10.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.10.2006 no virus found
VBA32 3.11.1 11.10.2006 no virus found
VirusBuster 4.3.15:9 11.10.2006 no virus found


Aditional Information
File size: 93223 bytes
MD5: 1da989e54688068c461dd81cdc2d2f17
SHA1: d77e011e3810a921146ef489380c7b6d01487bff

Complete scanning result of "info.html", received in VirusTotal at 11.11.2006, 14:56:42 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.10.2006 no virus found
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.10.2006 no virus found
BitDefender 7.2 11.11.2006 no virus found
CAT-QuickHeal 8.00 11.10.2006 no virus found
ClamAV devel-20060426 11.11.2006 no virus found
DrWeb 4.33 11.11.2006 no virus found
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
[b]eTrust-Vet 30.3.3186 11.10.2006 JS/SillyDlScript.CB[/b]
Ewido 4.0 11.11.2006 no virus found
Fortinet 2.82.0.0 11.11.2006 no virus found
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.11.2006 no virus found
McAfee 4893 11.10.2006 no virus found
Microsoft 1.1609 11.11.2006 no virus found
NOD32v2 1862 11.10.2006 no virus found
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.10.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
[b]UNA 1.83 11.10.2006 TrojanDropper.VBS.Inor[/b]
VBA32 3.11.1 11.10.2006 no virus found
VirusBuster 4.3.15:9 11.10.2006 no virus found


Aditional Information
File size: 11291 bytes
MD5: aea0b475bccbb88d62da623c581e9ef4
SHA1: a1dc9e9fe17b610b9e68657ca06d53cb210152bd

Complete scanning result of "index.htm", received in VirusTotal at 11.11.2006, 15:11:09 (CET).

Antivirus Version Update Result
[b]AntiVir 7.2.0.39 11.10.2006 HEUR/Exploit.HTML[/b]
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
[b]AVG 386 11.10.2006 Exploit[/b]
[b]BitDefender 7.2 11.11.2006 Generic.XPL.IESpoof.37AD8470[/b]
CAT-QuickHeal 8.00 11.10.2006 no virus found
[b]ClamAV devel-20060426 11.11.2006 Exploit.MS05-013[/b]
DrWeb 4.33 11.11.2006 no virus found
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
[b]Ewido 4.0 11.11.2006 Downloader.Agent.ab[/b]
Fortinet 2.82.0.0 11.11.2006 no virus found
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.11.2006 no virus found
[b]McAfee 4893 11.10.2006 Exploit-IEPageSpoof[/b]
Microsoft 1.1609 11.11.2006 no virus found
NOD32v2 1862 11.10.2006 no virus found
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.11.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.10.2006 no virus found
VBA32 3.11.1 11.10.2006 no virus found
VirusBuster 4.3.15:9 11.11.2006 no virus found


Aditional Information
File size: 35623 bytes
MD5: 6b0f43db6a6274e9a406686cc3de20ab
SHA1: 1062ba0dab7a137b243921d7ed2f3c7ffb1dc707

Complete scanning result of "index.php", received in VirusTotal at 11.11.2006, 15:22:00 (CET).

Antivirus Version Update Result
[b]AntiVir 7.2.0.39 11.10.2006 EXP/VML-Fill.A[/b]
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.10.2006 no virus found
BitDefender 7.2 11.11.2006 no virus found
CAT-QuickHeal 8.00 11.10.2006 no virus found
ClamAV devel-20060426 11.11.2006 no virus found
[b]DrWeb 4.33 11.11.2006 VBS.Psyme.262[/b]
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.11.2006 no virus found
[b]Fortinet 2.82.0.0 11.11.2006 JS/WebAttacker!exploit[/b]
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
[b]Ikarus 0.2.65.0 11.10.2006 Exploit.HTML.Agent.c[/b]
[b]Kaspersky 4.0.2.24 11.11.2006 Exploit.HTML.Agent.c[/b]
[b]McAfee 4893 11.10.2006 JS/Downloader-AUD[/b]
Microsoft 1.1609 11.11.2006 no virus found
NOD32v2 1862 11.10.2006 no virus found
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.11.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.116 11.09.2006 no virus found
UNA 1.83 11.10.2006 no virus found
VBA32 3.11.1 11.10.2006 no virus found
VirusBuster 4.3.15:9 11.11.2006 no virus found


Aditional Information
File size: 18985 bytes
MD5: 771dd3eac00aaf7f25c2e721a6fc62d3
SHA1: d01a202541c133cd5925ef0c1219235824f8f04d

Complete scanning result of "output.exe", received in VirusTotal at 11.12.2006, 06:42:16 (CET).


Antivirus Version Update Result

AntiVir 7.2.0.39 11.10.2006 no virus found
Authentium 4.93.8 11.10.2006 no virus found
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.11.2006 no virus found
BitDefender 7.2 11.12.2006 no virus found
CAT-QuickHeal 8.00 11.11.2006 no virus found
[B]ClamAV devel-20060426 11.11.2006 Trojan.Delf-293[/B]
DrWeb 4.33 11.11.2006 no virus found
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 no virus found
Ewido 4.0 11.11.2006 no virus found
Fortinet 2.82.0.0 11.12.2006 no virus found
F-Prot 3.16f 11.10.2006 no virus found
F-Prot4 4.2.1.29 11.10.2006 no virus found
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.12.2006 no virus found
McAfee 4893 11.10.2006 no virus found
Microsoft 1.1609 11.12.2006 no virus found
[B]NOD32v2 1862 11.10.2006 a variant of Win32/TrojanDropper.Agent.ATA[/B]
Norman 5.80.02 11.10.2006 no virus found
Panda 9.0.0.4 11.11.2006 no virus found
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.117 11.12.2006 no virus found
UNA 1.83 11.10.2006 no virus found
VBA32 3.11.1 11.10.2006 no virus found
VirusBuster 4.3.15:9 11.11.2006 no virus found

Aditional Information
File size: 37376 bytes
MD5: 0aa668c2356abaa8c79e32726275034e
SHA1: d503d7f79197a3ea39111cb466e71eddba0f257e

из темы [url]http://virusinfo.info/showthread.php?t=6730[/url] :

Antivirus Version Update Result
AntiVir 7.2.0.39 11.12.2006 TR/Crypt.F.Gen
DrWeb 4.33 11.12.2006 Trojan.Spambot
Fortinet 2.82.0.0 11.12.2006 suspicious
Norman 5.80.02 11.10.2006 W32/W.C

Aditional Information
File size: 16324 bytes
MD5: 6e98cbf7f1aadf9415647589e3576db0
SHA1: 56a0b8eefeb70b33451287bf319451019f801391

у остальных антивирусов "no virus found".

кстати говоря, TR/Crypt.F.Gen это тоже "незачот", потому что так ругаются на все файлы, упакованные UPX 2.90

Complete scanning result of "_103_d0d70e9d2e", received in VirusTotal at 11.12.2006, 21:23:33 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.12.2006 TR/Crypt.F.Gen
Authentium 4.93.8 11.10.2006 W32/Tagen.A
Avast 4.7.892.0 11.09.2006 no virus found
AVG 386 11.11.2006 Downloader.Tibs
BitDefender 7.2 11.12.2006 no virus found
CAT-QuickHeal 8.00 11.11.2006 no virus found
ClamAV devel-20060426 11.11.2006 W32.Dref
DrWeb 4.33 11.12.2006 Win32.Dref
eTrust-InoculateIT 23.73.52 11.11.2006 no virus found
eTrust-Vet 30.3.3186 11.10.2006 Win32/Sinteri
Ewido 4.0 11.12.2006 no virus found
Fortinet 2.82.0.0 11.12.2006 suspicious
F-Prot 3.16f 11.10.2006 W32/Tagen.A
F-Prot4 4.2.1.29 11.10.2006 W32/Tagen.A
Ikarus 0.2.65.0 11.10.2006 no virus found
Kaspersky 4.0.2.24 11.12.2006 no virus found
McAfee 4893 11.10.2006 no virus found
Microsoft 1.1609 11.12.2006 Win32/Vxidl.gen!encrypted
NOD32v2 1862 11.10.2006 Win32/Nuwar.gen
Norman 5.80.02 11.10.2006 W32/Nuwar.gen1
Panda 9.0.0.4 11.12.2006 Suspicious file
Sophos 4.11.0 11.07.2006 no virus found
TheHacker 6.0.1.117 11.12.2006 no virus found
UNA 1.83 11.10.2006 no virus found
VBA32 3.11.1 11.10.2006 suspected of Worm.Nuwar.1 (paranoid heuristics)
VirusBuster 4.3.15:9 11.12.2006 Cryptor.Xorpack.A


Aditional Information
File size: 60489 bytes
MD5: 263385f9cbe99a5bcebf084cbd3e4171
SHA1: 2dc80259634f957798b55fad83223497d6516560

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.13.2006, 08:08:06 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.12.2006 Worm/Rbot.148480.13
Authentium 4.93.8 11.10.2006 W32/Sdbot.TAV
Avast 4.7.892.0 11.13.2006 Win32:Rbot-CDY
AVG 386 11.12.2006 IRC/BackDoor.SdBot2.CXL
BitDefender 7.2 11.13.2006 Backdoor.RBot.EPB
CAT-QuickHeal 8.00 11.11.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.12.2006 Trojan.Mybot-7408
DrWeb 4.33 11.13.2006 Win32.HLLW.MyBot.based
eTrust-InoculateIT 23.73.53 11.13.2006 no virus found
eTrust-Vet 30.3.3190 11.13.2006 no virus found
Ewido 4.0 11.12.2006 Backdoor.Rbot
Fortinet 2.82.0.0 11.13.2006 W32/RBot!tr.bdr
F-Prot 3.16f 11.10.2006 security risk named W32/Sdbot.TAV
F-Prot4 4.2.1.29 11.10.2006 W32/Sdbot.TAV
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.13.2006 Backdoor.Win32.Rbot.gen
McAfee 4893 11.10.2006 W32/Sdbot.worm.gen.l
Microsoft 1.1609 11.13.2006 Backdoor:Win32/Rbot!9688
NOD32v2 1862 11.10.2006 Win32/Rbot
Norman 5.80.02 11.10.2006 W32/Spybot.APBX
Panda 9.0.0.4 11.12.2006 W32/Sdbot.HKC.worm
Sophos 4.11.0 11.07.2006 W32/Rbot-EEO
TheHacker 6.0.1.117 11.12.2006 Backdoor/Rbot.gen
UNA 1.83 11.10.2006 Backdoor.RBot.75AC
VBA32 3.11.1 11.13.2006 Backdoor.Win32.Rbot.gen
VirusBuster 4.3.15:9 11.12.2006 Worm.Rbot.FCV


Aditional Information
File size: 148480 bytes
MD5: 88961b3de28f88474d4f2bfeb9273bc8
SHA1: 35d94564bfb419b1d6223fe50689a76a5130c766
packers: PELOCK

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.14.2006, 07:46:51 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.13.2006 no virus found
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.13.2006 no virus found
AVG 386 11.13.2006 Downloader.Zlob.DP
BitDefender 7.2 11.14.2006 Trojan.Downloader.Zlob.AZ
CAT-QuickHeal 8.00 11.13.2006 no virus found
ClamAV devel-20060426 11.13.2006 no virus found
DrWeb 4.33 11.13.2006 Trojan.Popuper
eTrust-InoculateIT 23.73.54 11.14.2006 no virus found
eTrust-Vet 30.3.3192 11.14.2006 no virus found
Ewido 4.0 11.13.2006 no virus found
Fortinet 2.82.0.0 11.14.2006 suspicious
F-Prot 3.16f 11.14.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.14.2006 no virus found
[B]McAfee 4894 11.13.2006 no virus found [/B]
Microsoft 1.1609 11.14.2006 TrojanDownloader:Win32/Zlob!E16C
[B]NOD32v2 1864 11.13.2006 no virus found [/B]
Norman 5.80.02 11.13.2006 W32/ZlobNS.gen15
[B]Panda 9.0.0.4 11.13.2006 no virus found [/B]
Sophos 4.11.0 11.13.2006 no virus found
TheHacker 6.0.1.117 11.12.2006 no virus found
UNA 1.83 11.13.2006 no virus found
VBA32 3.11.1 11.13.2006 no virus found
VirusBuster 4.3.15:9 11.13.2006 no virus found


Aditional Information
File size: 53952 bytes
MD5: f4a38690c68f913ac16711d4fad40143
SHA1: 07b2f8671f081e360ee5d46e8ef2d6103f4e4046
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.14.2006, 13:18:01 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.14.2006 no virus found
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.13.2006 no virus found
AVG 386 11.13.2006 Downloader.Zlob.DP
BitDefender 7.2 11.14.2006 no virus found
CAT-QuickHeal 8.00 11.13.2006 no virus found
ClamAV devel-20060426 11.14.2006 no virus found
DrWeb 4.33 11.14.2006 no virus found
eTrust-InoculateIT 23.73.54 11.14.2006 no virus found
eTrust-Vet 30.3.3192 11.14.2006 no virus found
Ewido 4.0 11.13.2006 no virus found
Fortinet 2.82.0.0 11.14.2006 suspicious
F-Prot 3.16f 11.14.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.14.2006 no virus found
McAfee 4894 11.13.2006 no virus found
Microsoft 1.1609 11.14.2006 no virus found
NOD32v2 1864 11.13.2006 no virus found
Norman 5.80.02 11.13.2006 W32/ZlobNS.gen15
Panda 9.0.0.4 11.13.2006 no virus found
Sophos 4.11.0 11.13.2006 no virus found
TheHacker 6.0.1.118 11.14.2006 no virus found
UNA 1.83 11.13.2006 no virus found
VBA32 3.11.1 11.13.2006 no virus found
VirusBuster 4.3.15:9 11.13.2006 no virus found


Aditional Information
File size: 54404 bytes
MD5: 64e28183471b0866f84b970f21150825
SHA1: defa6f53ce8f1c8415d3022b9f2fd1bb6f7b0648
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX
Берем здесь хттп://www.qualitycodec.com/index.php
2-раза в день обновлялось раньше

STATUS: FINISHEDComplete scanning result of "avz00003.dta", received in VirusTotal at 11.14.2006, 14:02:58 (CET).

Antivirus Version Update Result
[B]AntiVir 7.2.0.39 11.14.2006 HEUR/Malware[/B]
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.13.2006 no virus found
AVG 386 11.13.2006 no virus found
BitDefender 7.2 11.14.2006 no virus found
CAT-QuickHeal 8.00 11.14.2006 no virus found
ClamAV devel-20060426 11.14.2006 no virus found
DrWeb 4.33 11.14.2006 no virus found
eTrust-InoculateIT 23.73.54 11.14.2006 no virus found
[B]eTrust-Vet 30.3.3192 11.14.2006 Win32/Goesna[/B]
Ewido 4.0 11.13.2006 no virus found
[B]Fortinet 2.82.0.0 11.14.2006 suspicious[/B]
F-Prot 3.16f 11.14.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.14.2006 no virus found
[B]McAfee 4894 11.13.2006 IEPatch [/B]
Microsoft 1.1609 11.14.2006 no virus found
NOD32v2 1864 11.13.2006 no virus found
Norman 5.80.02 11.14.2006 no virus found
Panda 9.0.0.4 11.13.2006 no virus found
Sophos 4.11.0 11.13.2006 no virus found
TheHacker 6.0.1.118 11.14.2006 no virus found
UNA 1.83 11.13.2006 no virus found
VBA32 3.11.1 11.13.2006 no virus found
VirusBuster 4.3.15:9 11.13.2006 no virus found

Aditional Information
File size: 93184 bytes
MD5: 8125c37f63328e6ff0cde293f71bfc41

[B]AntiVir 7.2.0.39 11.14.2006 TR/Crypt.F.Gen[/B]
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.13.2006 no virus found
[B]AVG 386 11.13.2006 Win32/PEPatch [/B]
BitDefender 7.2 11.14.2006 no virus found
CAT-QuickHeal 8.00 11.14.2006 no virus found
ClamAV devel-20060426 11.14.2006 no virus found
[B]DrWeb 4.33 11.14.2006 Trojan.Spambot [/B]
eTrust-InoculateIT 23.73.54 11.14.2006 no virus found
eTrust-Vet 30.3.3192 11.14.2006 no virus found
Ewido 4.0 11.13.2006 no virus found
[B]Fortinet 2.82.0.0 11.14.2006 suspicious [/B]
F-Prot 3.16f 11.14.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.14.2006 no virus found
McAfee 4894 11.13.2006 no virus found
Microsoft 1.1609 11.14.2006 no virus found
NOD32v2 1864 11.13.2006 no virus found
[B]Norman 5.80.02 11.14.2006 W32/Nuwar.gen3[/B]
Panda 9.0.0.4 11.13.2006 no virus found
Sophos 4.11.0 11.13.2006 no virus found
TheHacker 6.0.1.118 11.14.2006 no virus found
UNA 1.83 11.13.2006 no virus found
VBA32 3.11.1 11.13.2006 no virus found
[B]VirusBuster 4.3.15:9 11.13.2006 Cryptor.Xorpack.C [/B]


Aditional Information
File size: 29022 bytes
MD5: f31c9a75ba9a57e24cf689d43e5ce386
SHA1: 6afe97e7a78bff7ef9f111a964a240932566de1a

STATUS: FINISHEDComplete scanning result of "avz00005.dta", received in VirusTotal at 11.14.2006, 14:11:56 (CET).

Antivirus Version Update Result
[B]AntiVir 7.2.0.39 11.14.2006 TR/Crypt.F.Gen [/B]
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.13.2006 no virus found
[B]AVG 386 11.13.2006 Win32/PEPatch[/B]
BitDefender 7.2 11.14.2006 no virus found
CAT-QuickHeal 8.00 11.14.2006 no virus found
ClamAV devel-20060426 11.14.2006 no virus found
[B]DrWeb 4.33 11.14.2006 Trojan.Spambot[/B]
eTrust-InoculateIT 23.73.54 11.14.2006 no virus found
[B]eTrust-Vet 30.3.3192 11.14.2006 Win32/Sinteri!generic[/B]
Ewido 4.0 11.13.2006 no virus found
[B]Fortinet 2.82.0.0 11.14.2006 suspicious [/B]
F-Prot 3.16f 11.14.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.13.2006 no virus found
Kaspersky 4.0.2.24 11.14.2006 no virus found
McAfee 4894 11.13.2006 no virus found
[B]Microsoft 1.1609 11.14.2006 Win32/Vxidl.gen!encrypted [/B]
[B]NOD32v2 1864 11.13.2006 probably a variant of Win32/Nuwar[/B]
[B]Norman 5.80.02 11.14.2006 W32/Nuwar.gen3 [/B]
Panda 9.0.0.4 11.13.2006 no virus found
Sophos 4.11.0 11.13.2006 no virus found
TheHacker 6.0.1.118 11.14.2006 no virus found
UNA 1.83 11.13.2006 no virus found
VBA32 3.11.1 11.13.2006 no virus found
[B]VirusBuster 4.3.15:9 11.13.2006 Cryptor.Xorpack.C [/B]


Aditional Information
File size: 54110 bytes
MD5: 190a1fa67d27925059c8046d5ab2b42c
SHA1: b8e4859b979d35fc76f91b1b9ac3799dad26ae9d

STATUS: FINISHEDComplete scanning result of "mobile.exe", received in VirusTotal at 11.15.2006, 18:20:02 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.15.2006 HEUR/Malware
Authentium 4.93.8 11.14.2006 no virus found
Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.15.2006 no virus found
BitDefender 7.2 11.15.2006 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 8.00 11.15.2006 TrojanDownloader.Delf.awg
ClamAV devel-20060426 11.15.2006 no virus found
DrWeb 4.33 11.15.2006 Trojan.DownLoader.14869
eTrust-InoculateIT 23.73.56 11.15.2006 no virus found
eTrust-Vet 30.3.3194 11.15.2006 Win32/Areses.AG
Ewido 4.0 11.15.2006 no virus found
Fortinet 2.82.0.0 11.15.2006 suspicious
F-Prot 3.16f 11.15.2006 no virus found
F-Prot4 4.2.1.29 11.14.2006 no virus found
Ikarus 0.2.65.0 11.15.2006 Packer.byDwing
Kaspersky 4.0.2.24 11.15.2006 no virus found
McAfee 4895 11.14.2006 Downloader-AWA
Microsoft 1.1609 11.15.2006 no virus found
NOD32v2 1867 11.15.2006 a variant of Win32/TrojanDownloader.Delf.AJD
Norman 5.80.02 11.15.2006 W32/DLoader.AYFV
Panda 9.0.0.4 11.14.2006 Trj/Xorpix.S
Prevx1 V2 11.15.2006 no virus found
Sophos 4.11.0 11.15.2006 Mal/Packer
TheHacker 6.0.1.119 11.15.2006 no virus found
UNA 1.83 11.14.2006 no virus found
VBA32 3.11.1 11.15.2006 no virus found
VirusBuster 4.3.15:9 11.15.2006 no virus found


Aditional Information
File size: 10739

Всплывающее жлобство прцветает :)

Complete scanning result of "perfectcodec.589.exe", received in VirusTotal at 11.16.2006, 18:28:15 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.16.2006 no virus found
Authentium 4.93.8 11.16.2006 no virus found
Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.16.2006 no virus found
BitDefender 7.2 11.16.2006 no virus found
CAT-QuickHeal 8.00 11.16.2006 no virus found
ClamAV devel-20060426 11.16.2006 no virus found
DrWeb 4.33 11.16.2006 Trojan.Popuper
eTrust-InoculateIT 23.73.57 11.16.2006 no virus found
eTrust-Vet 30.3.3195 11.16.2006 no virus found
Ewido 4.0 11.16.2006 no virus found
Fortinet 2.82.0.0 11.16.2006 suspicious
F-Prot 3.16f 11.16.2006 no virus found
F-Prot4 4.2.1.29 11.16.2006 no virus found
Ikarus 0.2.65.0 11.16.2006 no virus found
Kaspersky 4.0.2.24 11.16.2006 Trojan-Downloader.Win32.Zlob.axj
McAfee 4897 11.16.2006 no virus found
Microsoft 1.1609 11.16.2006 no virus found
NOD32v2 1868 11.15.2006 no virus found
Norman 5.80.02 11.16.2006 no virus found
Panda 9.0.0.4 11.16.2006 no virus found
Prevx1 V2 11.16.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.1.119 11.15.2006 no virus found
UNA 1.83 11.15.2006 no virus found
VBA32 3.11.1 11.16.2006 no virus found
VirusBuster 4.3.15:9 11.16.2006 no virus found

Aditional Information
File size: 55209 bytes
MD5: 8c565cb1bf137197fc346e2102de3f5b
SHA1: 205ddb439f07822123278521dc98281a3fae978e
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

Из [url]http://virusinfo.info/showthread.php?t=6792[/url]
Antivirus Version Update Result
AntiVir 7.2.0.39 11.16.2006 no virus found
Authentium 4.93.8 11.16.2006 no virus found
Avast 4.7.892.0 11.15.2006 Win32:Renos-U
AVG 386 11.16.2006 no virus found
BitDefender 7.2 11.16.2006 no virus found
CAT-QuickHeal 8.00 11.16.2006 no virus found
ClamAV devel-20060426 11.16.2006 no virus found
DrWeb 4.33 11.16.2006 BACKDOOR.Trojan
eTrust-InoculateIT 23.73.57 11.16.2006 no virus found
eTrust-Vet 30.3.3195 11.16.2006 no virus found
Ewido 4.0 11.16.2006 no virus found
Fortinet 2.82.0.0 11.16.2006 no virus found
F-Prot 3.16f 11.16.2006 no virus found
F-Prot4 4.2.1.29 11.16.2006 no virus found
Ikarus 0.2.65.0 11.16.2006 no virus found
Kaspersky 4.0.2.24 11.16.2006 no virus found
McAfee 4897 11.16.2006 no virus found
Microsoft 1.1609 11.16.2006 no virus found
NOD32v2 1868 11.15.2006 no virus found
Norman 5.80.02 11.16.2006 no virus found
Panda 9.0.0.4 11.16.2006 Adware/Adservice
Prevx1 V2 11.16.2006 Polynomial.Code.Exploit
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.120 11.16.2006 no virus found
UNA 1.83 11.16.2006 no virus found
VBA32 3.11.1 11.16.2006 no virus found
VirusBuster 4.3.15:9 11.16.2006 no virus found

File size: 59392 bytes
MD5: 6d163f82aefb0ca40cc8162ff13e32c8
SHA1: c9de6b6f56b6d86653e3b66a4787b168972283cd
packers: PECompact
packers: PECOMPACT
packers: PecBundle, PECompact

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.17.2006, 08:54:28 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted
Authentium 4.93.8 11.17.2006 could be a corrupted executable file
Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.16.2006 no virus found
BitDefender 7.2 11.17.2006 no virus found
CAT-QuickHeal 8.00 11.16.2006 no virus found
ClamAV devel-20060426 11.16.2006 no virus found
DrWeb 4.33 11.16.2006 no virus found
eTrust-InoculateIT 23.73.58 11.17.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.16.2006 no virus found
Fortinet 2.82.0.0 11.17.2006 suspicious
F-Prot 3.16f 11.16.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.16.2006 no virus found
Kaspersky 4.0.2.24 11.17.2006 no virus found
McAfee 4897 11.16.2006 no virus found
Microsoft 1.1609 11.17.2006 no virus found
NOD32v2 1869 11.16.2006 no virus found
Norman 5.80.02 11.16.2006 no virus found
Panda 9.0.0.4 11.16.2006 no virus found
Prevx1 V2 11.17.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.120 11.17.2006 no virus found
UNA 1.83 11.16.2006 no virus found
VBA32 3.11.1 11.16.2006 no virus found
VirusBuster 4.3.15:9 11.16.2006 no virus found


Aditional Information
File size: 52326 bytes
MD5: a1c101b839a837a310dc2d3720a0e9b7
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d


STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.19.2006, 11:27:03 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted
Authentium 4.93.8 11.17.2006 could be a corrupted executable file
Avast 4.7.892.0 11.18.2006 no virus found
AVG 386 11.18.2006 no virus found
BitDefender 7.2 11.19.2006 no virus found
CAT-QuickHeal 8.00 11.18.2006 no virus found
ClamAV devel-20060426 11.18.2006 no virus found
DrWeb 4.33 11.18.2006 Trojan.PWS.Wmsender
eSafe 7.0.14.0 11.19.2006 no virus found
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.18.2006 no virus found
Fortinet 2.82.0.0 11.19.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.17.2006 no virus found
Kaspersky 4.0.2.24 11.19.2006 no virus found
McAfee 4899 11.18.2006 no virus found
Microsoft 1.1609 11.19.2006 no virus found
NOD32v2 1870 11.17.2006 no virus found
Norman 5.80.02 11.17.2006 no virus found
Panda 9.0.0.4 11.18.2006 no virus found
Prevx1 V2 11.19.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.17.2006 no virus found
VBA32 3.11.1 11.19.2006 Trojan.PWS.Wmsender
VirusBuster 4.3.15:9 11.18.2006 no virus found


Aditional Information
File size: 52326 bytes
MD5: a1c101b839a837a310dc2d3720a0e9b7
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d

Только что, пришла ссылка на зараженный файл через ICQ-спам :
Complete scanning result of "[b]SexcBertkovoi.exe[/b]", received in VirusTotal at 11.18.2006, 13:07:19 (CET).

[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted
Authentium 4.93.8 11.17.2006 could be a corrupted executable file
[COLOR="#ff0000"]Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.17.2006 no virus found
BitDefender 7.2 11.18.2006 no virus found
CAT-QuickHeal 8.00 11.17.2006 no virus found
ClamAV devel-20060426 11.18.2006 no virus found[/COLOR]
DrWeb 4.33 11.18.2006 Trojan.PWS.Wmsender
[COLOR="#ff0000"]eSafe 7.0.14.0 11.16.2006 no virus found
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.17.2006 no virus found[/COLOR]
Fortinet 2.82.0.0 11.18.2006 suspicious
[COLOR="#ff0000"]F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.17.2006 no virus found
Kaspersky 4.0.2.24 11.18.2006 no virus found
McAfee 4899 11.18.2006 no virus found
Microsoft 1.1609 11.18.2006 no virus found
NOD32v2 1870 11.17.2006 no virus found
Norman 5.80.02 11.17.2006 no virus found
Panda 9.0.0.4 11.17.2006 no virus found
Prevx1 V2 11.18.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.17.2006 no virus found
VBA32 3.11.1 11.17.2006 no virus found
VirusBuster 4.3.15:9 11.17.2006 no virus found [/COLOR]

Aditional Information
File size: 52326 bytes
MD5: a1c101b839a837a310dc2d3720a0e9b7
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d

Complete scanning result of "doser.exe", received in VirusTotal at 11.18.2006, 17:22:50 (CET).


Antivirus Version Update Result

[B]AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted[/B]
Authentium 4.93.8 11.17.2006 could be a corrupted executable file
Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.17.2006 no virus found
BitDefender 7.2 11.18.2006 no virus found
CAT-QuickHeal 8.00 11.18.2006 no virus found
ClamAV devel-20060426 11.18.2006 no virus found
DrWeb 4.33 11.18.2006 no virus found
[B]eSafe 7.0.14.0 11.16.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.18.2006 no virus found
Fortinet 2.82.0.0 11.18.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.17.2006 no virus found
[B]Kaspersky 4.0.2.24 11.18.2006 Trojan-PSW.Win32.LdPinch.bad[/B]
McAfee 4899 11.18.2006 no virus found
Microsoft 1.1609 11.18.2006 no virus found
NOD32v2 1870 11.17.2006 no virus found
Norman 5.80.02 11.17.2006 no virus found
[B]Panda 9.0.0.4 11.18.2006 Suspicious file[/B]
Prevx1 V2 11.18.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.17.2006 no virus found
VBA32 3.11.1 11.17.2006 no virus found
VirusBuster 4.3.15:9 11.18.2006 no virus found

Aditional Information
File size: 14894 bytes
MD5: b7ba61bb48c021e6ede7595a94cda912
SHA1: e971563c00daebc13e16d8b304b582aba711bab3
packers: UPX

Complete scanning result of "__1092", received in VirusTotal at 11.19.2006, 13:11:11 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.17.2006 no virus found
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.18.2006 no virus found
AVG 386 11.18.2006 no virus found
BitDefender 7.2 11.19.2006 Adware.Wildtangent.B
CAT-QuickHeal 8.00 11.18.2006 no virus found
ClamAV devel-20060426 11.18.2006 no virus found
DrWeb 4.33 11.19.2006 no virus found
eSafe 7.0.14.0 11.19.2006 no virus found
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.18.2006 no virus found
Fortinet 2.82.0.0 11.19.2006 no virus found
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.17.2006 no virus found
Kaspersky 4.0.2.24 11.19.2006 no virus found
McAfee 4899 11.18.2006 no virus found
Microsoft 1.1609 11.19.2006 no virus found
NOD32v2 1870 11.17.2006 no virus found
Norman 5.80.02 11.17.2006 W32/WildTangent.B
Panda 9.0.0.4 11.18.2006 no virus found
Prevx1 V2 11.19.2006 AdWare.WildTangent.b
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 Adware/WildTangent.b
UNA 1.83 11.17.2006 Adware.WildTangent.3896
VBA32 3.11.1 11.19.2006 no virus found
VirusBuster 4.3.15:9 11.18.2006 no virus found


Aditional Information
File size: 36864 bytes
MD5: 41a3d940798bdaf5d05208ee0006672b
SHA1: d8fc82499651dcb2fc5c12bf9ec94afe431650b0

Complete scanning result of "sex.exe", received in VirusTotal at 11.20.2006, 17:59:15 (CET).


Antivirus Version Update Result

[B]AntiVir 7.2.0.39 11.20.2006 HEUR/Crypted
Authentium 4.93.8 11.17.2006 W32/Warezov.gen4[/B]
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
[B]BitDefender 7.2 11.20.2006 DeepScan:Generic.Malware.FYd!lg.610B4ED7[/B]
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 no virus found
[B]eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
[B]Fortinet 2.82.0.0 11.20.2006 suspicious[/B]
[B]F-Prot 3.16f 11.17.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 11.17.2006 W32/Warezov.gen4[/B]
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
[B]Microsoft 1.1609 11.20.2006 Win32/Ldpinch[/B]
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
[B]Panda 9.0.0.4 11.20.2006 Suspicious file[/B]
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.17.2006 no virus found
[B]VBA32 3.11.1 11.20.2006 MalwareScope.Trojan-PSW.LdPinch.1[/B]
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 24064 bytes
MD5: ab72575342931915ce244f68ba72633d
SHA1: 43194ec5528e6f5f530cbee6b6b5c1e2e3489559
packers: UPX
packers: UPX
packers: UPX
packers: UPX

ITW, изловлен моим автоматическим анализатором сегодня.
AntiVir 7.2.0.39 11.20.2006 TR/Spy.Goldun.NA
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 Trojan.Spy.Goldun.NA
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 Trojan.PWS.GoldSpy
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 Logger.Goldun.hp
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 probably a variant of Win32/Spy.Goldun.HP
Norman 5.80.02 11.20.2006 Suspicious_F.gen
Panda 9.0.0.4 11.20.2006 Trj/Goldun.MN
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 suspected of Embedded.Trojan.PWS.GoldSpy
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 29559 bytes
MD5: 4698f8bd9ed2aae437ed66f8598b2261
SHA1: d76968f8d9e9a8a9b8d24149e5001add86f39cc8
packers: FSG, PECRYPT

ITW, изловлен моим автоматическим анализатором сегодня

AntiVir 7.2.0.39 11.20.2006 TR/Agent.8827
Authentium 4.93.8 11.17.2006 W32/Dropper.gen1
Avast 4.7.892.0 11.20.2006 Win32:Haxdoor-HC
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 Generic.Malware.SFYdld.FE2794A3
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.20.2006 Trojan.Rootkit-6
DrWeb 4.33 11.20.2006 no virus found
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 Win32/ProcHide!generic
Ewido 4.0 11.20.2006 Logger.Goldun.gu
Fortinet 2.82.0.0 11.20.2006 Haxdor.X!tr
F-Prot 3.16f 11.17.2006 W32/Dropper.gen1
F-Prot4 4.2.1.29 11.17.2006 W32/Dropper.gen1
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 Trojan:Win32/HideDrv.gen!sys
NOD32v2 1873 11.20.2006 a variant of Win32/Spy.Goldun.GU
Norman 5.80.02 11.20.2006 Suspicious_F.gen
Panda 9.0.0.4 11.20.2006 Bck/Haxdoor.NQ
Prevx1 V2 11.20.2006 Covert.Code
Sophos 4.11.0 11.16.2006 Troj/Haxdor-Fam
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 suspected of Embedded.Backdoor.Win32.Haxdoor.kx
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 8827 bytes
MD5: 95281eb0779dd64b0005258432623d5f
SHA1: 1385ebf84f0828712e6f2aeaee608894899726f5
packers: FSG
packers: FSG
packers: FSG

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 DR/Delphi.Gen
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 Trojan.DownLoader.14908
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 Suspicious_F.gen
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Packer
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 Trojan.DownLoader.14908
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 12405 bytes
MD5: 79a1e1b4c4626977ec406e30a1d45931
SHA1: 7f131495c549c40d056c76c24c24a1833e142fce

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 TR/Dldr.UltCleaner
Authentium 4.93.8 11.17.2006 Possibly a new variant of W32/Behavior:SelfStarterInternetTrojan!Maximus
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.17.2006 Possibly a new variant of W32/Behavior:SelfStarterInternetTrojan!Maximus
F-Prot4 4.2.1.29 11.17.2006 W32/Behavior:SelfStarterInternetTrojan!Maximus
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.20.2006 Spyware.UltimateDefender
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 no virus found
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 38912 bytes
MD5: a0b6c66ac7e1f1cafbe16163b94d78a7
SHA1: 5229d73f6ea6d0d22a4e12ab8ed7df7d09e6391d
packers: UPX
packers: UPX
packers: UPX

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 HEUR/Malware
Authentium 4.93.8 11.17.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 Trojan.Winclean
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 PossibleThreat!015314
F-Prot 3.16f 11.17.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
F-Prot4 4.2.1.29 11.17.2006 W32/CrazyCrunch-based!Maximus
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
Panda 9.0.0.4 11.20.2006 Trj/Cimuz.BM
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 no virus found
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 53248 bytes
MD5: f09c44eaece6747644b5295347d244ba
SHA1: 7e526dab23f5efbc5d12d7647f20f54536bd40b8

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 no virus found
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 Proxy.25.P
BitDefender 7.2 11.20.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 no virus found
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Behav-080
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 no virus found
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 38912 bytes
MD5: abb6837abe0384231990c32a229f2593
SHA1: c79a1282a55f5fac3b741162e8b93058c8c52cc3
packers: UPX

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 TR/Crypt.F.Gen
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 Win32/PEPatch
BitDefender 7.2 11.20.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 Trojan.Spambot-16
DrWeb 4.33 11.20.2006 Win32.Dref
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 Win32/Sinteri!downloader
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 Win32/Vxidl.gen!encrypted
NOD32v2 1873 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
Panda 9.0.0.4 11.20.2006 no virus found
Prevx1 V2 11.20.2006 Dropper.Payload
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 MalwareScope.Worm.Nuwar-Glowa.1
VirusBuster 4.3.15:9 11.20.2006 Cryptor.Xorpack.D

Aditional Information
File size: 6010 bytes
MD5: 712563c248819624a1400c0916adaf63
SHA1: 3b20d31b47f74607e72830d2db513029830463ad

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 TR/Spy.Goldun.NA
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 Trojan.Spy.Goldun.NA
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 Trojan.PWS.GoldSpy
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 Logger.Goldun.hp
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 probably a variant of Win32/Spy.Goldun.HP
Norman 5.80.02 11.20.2006 Suspicious_F.gen
Panda 9.0.0.4 11.20.2006 Trj/Goldun.MN
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 suspected of Embedded.Trojan.PWS.GoldSpy
VirusBuster 4.3.15:9 11.20.2006 no virus found


Aditional Information
File size: 29559 bytes
MD5: 4698f8bd9ed2aae437ed66f8598b2261
SHA1: d76968f8d9e9a8a9b8d24149e5001add86f39cc8
packers: FSG, PECRYPT

ITW, изловлен моим автоматическим анализатором ...

AntiVir 7.2.0.39 11.20.2006 TR/Dldr.Lineage.DN
Authentium 4.93.8 11.17.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 BehavesLike:Win32.AV-Killer
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 Trojan.PWS.Lineage
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 Win32/Lineage!generic
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 Lineage!tr.pws
F-Prot 3.16f 11.17.2006 no virus found
F-Prot4 4.2.1.29 11.17.2006 no virus found
Ikarus 0.2.65.0 11.20.2006 Backdoor.Win32.HacDef.084
Kaspersky 4.0.2.24 11.20.2006 Trojan-PSW.Win32.Delf.sv
McAfee 4900 11.20.2006 PWS-Lineage.dll
Microsoft 1.1609 11.20.2006 no virus found
NOD32v2 1873 11.20.2006 probably a variant of Win32/PSW.Lineage.DN
Norman 5.80.02 11.20.2006 W32/Lineage.ANTG
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.18.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 suspected of Trojan-PSW.Lineage.1
VirusBuster 4.3.15:9 11.20.2006 no virus found


Aditional Information
File size: 79360 bytes
MD5: 696183e1d1c6fa494bd69477c090d7db
SHA1: 23f6e4d437d9525e7c8939603de08947775a8452

Complete scanning result of "sex.exe", received in VirusTotal at 11.20.2006, 22:04:47 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.20.2006 HEUR/Crypted
Authentium 4.93.8 11.20.2006 W32/Warezov.gen4
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.20.2006 DeepScan:Generic.Malware.FYd!lg.610B4ED7
CAT-QuickHeal 8.00 11.20.2006 no virus found
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.20.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3203 11.20.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.20.2006 suspicious
F-Prot 3.16f 11.20.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 11.20.2006 W32/Warezov.gen4
Ikarus 0.2.65.0 11.20.2006 no virus found
Kaspersky 4.0.2.24 11.20.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1804 11.20.2006 Win32/Ldpinch
NOD32v2 1874 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 no virus found
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.20.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.20.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.20.2006 MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster 4.3.15:9 11.20.2006 no virus found


Aditional Information
File size: 24064 bytes
MD5: ab72575342931915ce244f68ba72633d
SHA1: 43194ec5528e6f5f530cbee6b6b5c1e2e3489559
packers: UPX
packers: UPX
packers: UPX
packers: UPX

Complete scanning result of "avz00001.dta", received in VirusTotal at 11.21.2006, 08:16:56 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.20.2006 no virus found
Authentium 4.93.8 11.20.2006 could be a corrupted executable file
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 BackDoor.Generic3.SWE
BitDefender 7.2 11.21.2006 no virus found
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.20.2006 no virus found
DrWeb 4.33 11.21.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.62 11.21.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.20.2006 no virus found
Fortinet 2.82.0.0 11.21.2006 no virus found
F-Prot 3.16f 11.20.2006 no virus found
F-Prot4 4.2.1.29 11.20.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.21.2006 no virus found
McAfee 4900 11.20.2006 no virus found
Microsoft 1.1804 11.21.2006 no virus found
NOD32v2 1874 11.20.2006 no virus found
Norman 5.80.02 11.20.2006 W32/Smalldoor.KVE
Panda 9.0.0.4 11.20.2006 Suspicious file
Prevx1 V2 11.21.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.20.2006 no virus found
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.20.2006 no virus found

Aditional Information
File size: 108179 bytes
MD5: 61f2864c04b1da1d4c44f467b0012739
SHA1: e7509421353bcfe25f62a445ebca6d0fb6828270

Complete scanning result of "[b]Photo_dcs_11.09.06.exe[/b]", received in VirusTotal at 11.21.2006, 18:05:15 (CET).

[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.44 11.21.2006 HEUR/Crypted
Authentium 4.93.8 11.20.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
[COLOR="#ff0000"]Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found[/COLOR]
BitDefender 7.2 11.21.2006 DeepScan:Generic.Malware.FYd!lg.43A0FC84
CAT-QuickHeal 8.00 11.21.2006 (Suspicious) - DNAScan
[COLOR="#ff0000"]ClamAV devel-20060426 11.21.2006 no virus found[/COLOR]
DrWeb 4.33 11.21.2006 Trojan.PWS.LDPinch.1306
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
[COLOR="#ff0000"]eTrust-InoculateIT 23.73.62 11.21.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.21.2006 no virus found[/COLOR]
F-Prot 3.16f 11.20.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 11.20.2006 W32/HLLI-MewOrleans-based!Maximus
[COLOR="#ff0000"]Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.21.2006 no virus found
McAfee 4901 11.21.2006 no virus found[/COLOR]
Microsoft 1.1804 11.21.2006 Win32/Ldpinch
[COLOR="#ff0000"]NOD32v2 1876 11.21.2006 no virus found[/COLOR]
Norman 5.80.02 11.21.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 11.21.2006 Suspicious file
[COLOR="#ff0000"]Prevx1 V2 11.21.2006 no virus found[/COLOR]
Sophos 4.11.0 11.16.2006 Mal/Packer
[COLOR="#ff0000"]TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.20.2006 no virus found[/COLOR]
VBA32 3.11.1 11.21.2006 MalwareScope.Trojan-PSW.LdPinch.2
[COLOR="#ff0000"]VirusBuster 4.3.15:9 11.21.2006 no virus found[/COLOR]

Aditional Information
File size: 29703 bytes
MD5: 1d10a9ff177a9e8ab6fe6a785455192b
SHA1: f916aeeb0ef15870e302ba49525f66a2631ac3e7
packers: MEW
packers: MEW

Complete scanning result of "doser.exe", received in VirusTotal at 11.22.2006, 05:32:09 (CET).


Antivirus Version Update Result

[B]AntiVir 7.2.0.44 11.21.2006 HEUR/Crypted[/B]
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
[B]BitDefender 7.2 11.22.2006 DeepScan:Generic.Malware.FPYVdlPkg.67E21543[/B]
[B]CAT-QuickHeal 8.00 11.21.2006 (Suspicious) - DNAScan[/B]
ClamAV devel-20060426 11.21.2006 no virus found
[B]DrWeb 4.33 11.21.2006 BACKDOOR.PWS.Trojan
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
[B]Fortinet 2.82.0.0 11.22.2006 suspicious[/B]
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
[B]Kaspersky 4.0.2.24 11.22.2006 Trojan-PSW.Win32.LdPinch.bdm[/B]
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
[B]NOD32v2 1876 11.21.2006 a variant of Win32/PSW.LdPinch.RG[/B]
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
[B]VBA32 3.11.1 11.21.2006 MalwareScope.Trojan-PSW.LdPinch.1[/B]
VirusBuster 4.3.15:9 11.21.2006 no virus found

Aditional Information
File size: 19211 bytes
MD5: 564cf13006ea7c2c0d32783dfd701fd3
SHA1: daaa77f466496bb39b3a68682a4f998fd9512e35
packers: YZPACK