Исследование антивирусов 7

Printable View

Показывать 40 сообщений этой темы на одной странице

03.03.2009, 13:00
Black_N

Файл 3.exe получен 2009.03.03 10:38:25 (CET)
Текущий статус: закончено
[B]Результат: 2/39 (5.13%)[/B]
Цитата:
[QUOTE]a-squared 4.0.0.101 2009.03.03 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.98 2009.03.03 -
Authentium 5.1.0.4 2009.03.03 -
Avast 4.8.1335.0 2009.03.02 -
AVG 8.0.0.237 2009.03.03 -
BitDefender 7.2 2009.03.03 -
CAT-QuickHeal 10.00 2009.03.03 -
ClamAV 0.94.1 2009.03.03 -
Comodo 1017 2009.03.03 -
DrWeb 4.44.0.09170 2009.03.03 -
eSafe 7.0.17.0 2009.03.02 -
eTrust-Vet 31.6.6381 2009.03.03 -
F-Prot 4.4.4.56 2009.03.02 -
F-Secure 8.0.14470.0 2009.03.03 -
Fortinet 3.117.0.0 2009.03.03 -
GData 19 2009.03.03 -
Ikarus T3.1.1.45.0 2009.03.03 -
K7AntiVirus 7.10.654 2009.03.02 -
Kaspersky 7.0.0.125 2009.03.03 -
McAfee 5541 2009.03.02 -
McAfee+Artemis 5541 2009.03.02 -
Microsoft 1.4306 2009.03.03 -
NOD32 3902 2009.03.02 -
[B]Norman 6.00.06 2009.03.02 W32/Zlob.CYXP[/B]
nProtect 2009.1.8.0 2009.03.03 -
Panda 10.0.0.10 2009.03.02 -
PCTools 4.4.2.0 2009.03.02 -
Prevx1 V2 2009.03.03 -
Rising 21.19.11.00 2009.03.03 -
SecureWeb-Gateway 6.7.6 2009.03.03 -
Sophos 4.39.0 2009.03.03 -
[B]Sunbelt 3.2.1858.2 2009.03.02 <Encrypted Archive>[/B]
Symantec 10 2009.03.03 -
TheHacker 6.3.2.6.269 2009.03.02 -
TrendMicro 8.700.0.1004 2009.03.03 -
VBA32 3.12.10.1 2009.03.03 -
ViRobot 2009.3.3.1631 2009.03.03 -
VirusBuster 4.5.11.0 2009.03.02 -[/QUOTE]

Дополнительная информация
File size: 11735191 bytes
MD5...: 579ee530d8d6bd3cf7beb13aeec5fe30
SHA1..: 92bc0cc76e7c43a8a4afb1afd3bb6ccd8445c53c
SHA256: f46e372751155b25d15d89e6b9d8edfcb2cf864c2cee680a8ef27edc19db3d67
SHA512: e4186e5d3819ee1d1f8e1033737de778acff22443e2a1e9f20f38909edbd98d3
6d7bd98b18eea78a183e292b2fe147a36d1955d1cb47cb5c1dd4fc6b91eb8dae
ssdeep: 196608:FTLWeZd0IULK/TJFDFSSvQRPAdtPwmm1BPli4ahhjKlgX3TNAJeR:oeZd
0E/TJdF1oRPAdRmr/ahhjigX3yJK
PEiD..: Armadillo v1.71
TrID..: File type identification
Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x173a6
timedatestamp.....: 0x47d6fa36 (Tue Mar 11 21:31:34 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2e906 0x2f000 6.60 9ba09777227435273354d46c8470fbd3
.rdata 0x30000 0x842e 0x9000 4.58 ec25192b7421c9cc51f1a1283f96b143
.data 0x39000 0x9d08 0x6000 2.68 e4b5677a176f441e4836113962ecddba
.rsrc 0x43000 0x9998 0xa000 4.75 91c466c33a8b81107d6d20fbb56fd1da

( 8 imports )
> KERNEL32.dll: WritePrivateProfileStringA, GetProcessVersion, SizeofResource, GetCPInfo, GetOEMCP, RtlUnwind, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, GetTimeZoneInformation, GetSystemTime, GetLocalTime, HeapReAlloc, SetEnvironmentVariableA, SetCurrentDirectoryA, GetStartupInfoA, GetCommandLineA, GetACP, HeapSize, LCMapStringA, LCMapStringW, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, CompareStringA, CompareStringW, GetFileType, SetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, GlobalFlags, SetErrorMode, TlsGetValue, GetProfileStringA, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, LocalAlloc, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, SetFileTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetFileTime, MulDiv, SetLastError, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetModuleHandleA, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, GlobalLock, GlobalAlloc, GlobalDeleteAtom, GetCurrentThread, GetCurrentThreadId, lstrcmpiA, LoadLibraryA, GetProcAddress, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, WriteFile, GetCurrentProcess, DuplicateHandle, lstrcmpA, FileTimeToSystemTime, MultiByteToWideChar, WideCharToMultiByte, InterlockedDecrement, CreateDirectoryA, MoveFileA, SetVolumeLabelA, GetDriveTypeA, GetCurrentDirectoryA, GetFileSize, GetDiskFreeSpaceA, FormatMessageA, LocalFree, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, lstrlenA, CreateProcessA, GetLastError, GetExitCodeProcess, GetTempPathA, GetModuleFileNameA, RemoveDirectoryA, SetFileAttributesA, DeleteFileA, InterlockedIncrement, FindNextFileA, CreateFileA, SetFilePointer, ReadFile, CloseHandle, GetFullPathNameA, lstrcpynA, GetVolumeInformationA, GetFileAttributesA, lstrcpyA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, HeapCreate
> USER32.dll: ScreenToClient, AdjustWindowRectEx, GetSysColor, MapWindowPoints, UpdateWindow, ClientToScreen, GetWindowDC, BeginPaint, EndPaint, TabbedTextOutA, DrawTextA, GrayStringA, LoadStringA, GetClassNameA, PtInRect, GetSysColorBrush, InflateRect, DestroyMenu, InvalidateRect, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, CreateWindowExA, GetClassLongA, SetPropA, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, CopyRect, GetDC, ReleaseDC, EndDialog, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetNextDlgTabItem, GetMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, GetCursorPos, SetWindowsHookExA, GetLastActivePopup, UnhookWindowsHookEx, GetParent, SetFocus, IsWindowEnabled, ShowWindow, SetWindowPos, SetWindowLongA, GetDlgCtrlID, GetWindowTextLengthA, GetWindowTextA, SetWindowTextA, GetWindowLongA, IsDialogMessageA, SendDlgItemMessageA, GetDlgItem, CharUpperA, IsWindow, PostQuitMessage, UnregisterClassA, HideCaret, ShowCaret, CharToOemBuffA, OemToCharBuffA, wsprintfA, MsgWaitForMultipleObjects, TranslateMessage, DispatchMessageA, MessageBoxA, GetTopWindow, RegisterWindowMessageA, GetCapture, EnableWindow, LoadCursorA, SetCursor, IsIconic, GetSystemMetrics, GetClientRect, DrawIcon, PostMessageA, LoadIconA, SendMessageA, PeekMessageA, IsWindowUnicode, CharNextA, DefDlgProcA, DrawFocusRect, ExcludeUpdateRgn, GetFocus
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, GetDeviceCaps, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: DocumentPropertiesA, ClosePrinter, OpenPrinterA
> ADVAPI32.dll: RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegSetValueExA
> SHELL32.dll: SHFileOperationA
> COMCTL32.dll: -

( 0 exports )
packers (F-Prot): ZIP
06.03.2009, 02:14
Erekle

[QUOTE]Файл ConfDriver.exe получен 2009.03.06 00:09:46 (CET)
Результат: [B]17/39 [/B](43.59%)

a-squared 4.0.0.101 2009.03.05 -
[B]AhnLab-V3 5.0.0.2 2009.02.27 Win-Trojan/Buzus.29184.AK [/B]
AntiVir 7.9.0.100 2009.03.05 -
Authentium 5.1.0.4 2009.03.05 -
Avast 4.8.1335.0 2009.03.05 -
[B]AVG 8.0.0.237 2009.03.05 Generic12.ASUT
BitDefender 7.2 2009.03.05 Backdoor.Hamweq.B
CAT-QuickHeal 10.00 2009.03.05 Trojan.Buzus.afet [/B]
ClamAV 0.94.1 2009.03.05 -
[B]Comodo 1027 2009.03.05 Worm.Win32.AutoRun.~ZU
DrWeb 4.44.0.09170 2009.03.05 Trojan.Inject.5370
eSafe 7.0.17.0 2009.03.05 Suspicious File
eTrust-Vet 31.6.6384 2009.03.05 Win32/SillyAutorun.AJE [/B]
F-Prot 4.4.4.56 2009.03.05 -
[B]F-Secure 8.0.14470.0 2009.03.05 Worm.Win32.AutoRun.erh [/B]
Fortinet 3.117.0.0 2009.03.05 -
[B]GData 19 2009.03.05 Backdoor.Hamweq.B [/B]
Ikarus T3.1.1.45.0 2009.03.05 -
K7AntiVirus 7.10.659 2009.03.05 -
[B]Kaspersky 7.0.0.125 2009.03.05 Worm.Win32.AutoRun.erh [/B]
McAfee 5544 2009.03.05 -
McAfee+Artemis 5544 2009.03.05 -
[B]Microsoft 1.4405 2009.03.06 Worm:Win32/Hamweq.A
NOD32 3911 2009.03.05 Win32/AutoRun.KS [/B]
Norman 6.00.06 2009.03.05 -
nProtect 2009.1.8.0 2009.03.05 -
Panda 10.0.0.10 2009.03.05 -
PCTools 4.4.2.0 2009.03.05 -
[B]Prevx1 V2 2009.03.06 Medium Risk Malware [/B]
Rising 21.19.32.00 2009.03.05 -
SecureWeb-Gateway 6.7.6 2009.03.05 -
Sophos 4.39.0 2009.03.05 -
Sunbelt 3.2.1858.2 2009.03.05 -
Symantec 10 2009.03.06 -
TheHacker 6.3.2.7.272 2009.03.05 -
[B]TrendMicro 8.700.0.1004 2009.03.05 PAK_Generic.001
VBA32 3.12.10.1 2009.03.05 Trojan.Win32.Buzus.afet[/B]
ViRobot 2009.3.5.1635 2009.03.05 -
[B]VirusBuster 4.5.11.0 2009.03.05 Worm.AutoRun.FYJ[/B] [/QUOTE]
Дополнительная информация
File size: 29184 bytes
MD5...: 1a5f91554aad217185271b3414e10dcd
SHA1..: d6989ce427e0ff4e723cb11fa09f42147a2b347d
SHA256: 5febb6cef268db2c9c9ad227587f79dae1825a9d2db381afceb1ff98add214fe
___________________________

([B]eTrust[/B] - хорошо сказал :) )
06.03.2009, 13:47
vlad179

Файл avz00001.dta получен 2009.03.06 11:06:59 (CET)

Результат: 4/38 (10.53%)

[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.03.06 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.105 2009.03.06 -
Authentium 5.1.0.4 2009.03.06 -
Avast 4.8.1335.0 2009.03.05 -
AVG 8.0.0.237 2009.03.05 [B]Adload_r.HT[/B]
BitDefender 7.2 2009.03.06 -
CAT-QuickHeal 10.00 2009.03.06 -
ClamAV 0.94.1 2009.03.06 -
Comodo 1027 2009.03.05 -
DrWeb 4.44.0.09170 2009.03.06 -
eSafe 7.0.17.0 2009.03.05 -
eTrust-Vet 31.6.6384 2009.03.05 -
F-Prot 4.4.4.56 2009.03.05 [B]W32/Hexzone.B.gen!Eldorado[/B]
F-Secure 8.0.14470.0 2009.03.06 [B]Trojan-Downloader.Win32.Agent.bjtm[/B]
Fortinet 3.117.0.0 2009.03.06 -
GData 19 2009.03.06 -
Ikarus T3.1.1.45.0 2009.03.06 -
K7AntiVirus 7.10.659 2009.03.05 -
Kaspersky 7.0.0.125 2009.03.06 [B]Trojan-Downloader.Win32.Agent.bjtm[/B]
McAfee 5544 2009.03.05 -
McAfee+Artemis 5544 2009.03.05 -
Microsoft 1.4405 2009.03.06 -
NOD32 3912 2009.03.06 -
Norman 6.00.06 2009.03.05 -
nProtect 2009.1.8.0 2009.03.06 -
Panda 10.0.0.10 2009.03.05 -
PCTools 4.4.2.0 2009.03.05 -
Prevx1 V2 2009.03.06 -
Rising 21.19.42.00 2009.03.06 -
SecureWeb-Gateway 6.7.6 2009.03.06 -
Sophos 4.39.0 2009.03.06 -
Sunbelt 3.2.1858.2 2009.03.06 -
Symantec 10 2009.03.06 -
TheHacker 6.3.2.7.273 2009.03.06 -
TrendMicro 8.700.0.1004 2009.03.05 -
ViRobot 2009.3.6.1637 2009.03.06 -
VirusBuster 4.5.11.0 2009.03.05 - [/CODE]

Дополнительная информация
File size: 509952 bytes
MD5...: 46e1e2567163dca639a3eea51399423c
SHA1..: a8c1b02c5d373cbe33dc13519e4a68a1db1d7bb6
SHA256: 6e2135bdeaeeccb22b1cb7857362980e90f50e225dac599355e2f47557fce12e
SHA512: 4df4bf98b91ff024737143a08863144d588dbb0395c989ba07af24218d2f39eb
077f058691b23fb20931d9601e2ff61eb9b6a03d73d1493aef0b7a83a9d31957
ssdeep: 12288:XH7t3DuI5p1LTVS9c2UIm98ODaPQUPKj1BO5RQEDHM1dDG:Xbt3yKp1LTV
KcgfYPj1BAR57MXi
09.03.2009, 22:14
senyak

Файл ______________.exe получен 2009.03.09 20:13:40 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 15/39 (38.47%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.101 2009.03.09 Trojan-PWS.Win32.VKont!IK[/B]
AhnLab-V3 5.0.0.2 2009.02.27 -
[B]AntiVir 7.9.0.107 2009.03.09 TR/PSW.VKont.A[/B]
Authentium 5.1.0.4 2009.03.09 -
[B]Avast 4.8.1335.0 2009.03.09 Win32:Trojan-gen {Other}
AVG 8.0.0.237 2009.03.09 PSW.Generic6.BBIK
BitDefender 7.2 2009.03.09 Trojan.Generic.1406945
CAT-QuickHeal 10.00 2009.03.09 TrojanPSW.VKont.a[/B]
ClamAV 0.94.1 2009.03.09 -
[B]Comodo 1039 2009.03.09 TrojWare.Win32.PSW.VKont.~A
DrWeb 4.44.0.09170 2009.03.09 Trojan.PWS.Vkontakte.6[/B]
eSafe 7.0.17.0 2009.03.09 -
eTrust-Vet 31.6.6387 2009.03.09 -
F-Prot 4.4.4.56 2009.03.08 -
[B]F-Secure 8.0.14470.0 2009.03.09 Trojan-PSW.Win32.VKont.a[/B]
Fortinet 3.117.0.0 2009.03.09 -
[B]GData 19 2009.03.09 Trojan.Generic.1406945
Ikarus T3.1.1.45.0 2009.03.09 Trojan-PWS.Win32.VKont[/B]
K7AntiVirus 7.10.664 2009.03.09 -
[B]Kaspersky 7.0.0.125 2009.03.09 Trojan-PSW.Win32.VKont.a[/B]
McAfee 5548 2009.03.09 -
McAfee+Artemis 5548 2009.03.09 -
Microsoft 1.4405 2009.03.09 -
NOD32 3921 2009.03.09 -
Norman 6.00.06 2009.03.09 -
[B]nProtect 2009.1.8.0 2009.03.09 Trojan-PWS/W32.VKont.813568[/B]
Panda 10.0.0.10 2009.03.09 -
PCTools 4.4.2.0 2009.03.09 -
Prevx1 V2 2009.03.09 -
Rising 21.20.02.00 2009.03.09 -
[B]SecureWeb-Gateway 6.7.6 2009.03.09 Trojan.PSW.VKont.A[/B]
Sophos 4.39.0 2009.03.09 -
Sunbelt 3.2.1858.2 2009.03.08 -
Symantec 1.4.4.12 2009.03.09 -
TheHacker 6.3.3.0.277 2009.03.09 -
TrendMicro 8.700.0.1004 2009.03.09 -
[B]VBA32 3.12.10.1 2009.03.09 Trojan-PSW.Win32.VKont.a[/B]
ViRobot 2009.3.9.1641 2009.03.09 -
VirusBuster 4.5.11.0 2009.03.09 -[/QUOTE]
Дополнительная информация
File size: 813568 bytes
MD5...: 85740a68e38e51807b1fd4f9190378e3
SHA1..: 995f5fd65a8c9ac8be5aa324e9b35fc51f5f0591
SHA256: 062fc5d9ac296d44223a5ef1b39f2ba9c2f9c12511e84a993dbbf3e3fa7838eb
SHA512: 071696ae10178453a8825bc61e97cb7e617641238d1d39102012aaf4a7949c12
a7345277494a821cdcee05d77d29d2aa2e137e88cad2b5aed373f16899d6cddf
ssdeep: 12288:R/jDEG2cYpCXUm6AJGAh6QkkkmRKcjRula43e:pnSDCXOLik4K1p3
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
11.03.2009, 13:17
ISO

File ximr.pif received on 03.11.2009 11:10:09 (CET)
Result: 6/39 (15.39%)

[code]Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.03.11 -
AhnLab-V3 5.0.0.2 2009.03.11 -
[B]AntiVir 7.9.0.109 2009.03.11 Worm/Autorun.esq[/B]
Authentium 5.1.0.4 2009.03.10 -
Avast 4.8.1335.0 2009.03.10 -
AVG 8.0.0.237 2009.03.10 -
BitDefender 7.2 2009.03.11 -
[B]CAT-QuickHeal 10.00 2009.03.11 Worm.AutoRun.upf[/B]
ClamAV 0.94.1 2009.03.11 -
[B]Comodo 1046 2009.03.10 Unclassified Malware[/B]
DrWeb 4.44.0.09170 2009.03.11 -
[B]eSafe 7.0.17.0 2009.03.11 Win32.Worm.AutoRun.u[/B]
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.10 -
F-Secure 8.0.14470.0 2009.03.11 -
Fortinet 3.117.0.0 2009.03.11 -
GData 19 2009.03.11 -
Ikarus T3.1.1.45.0 2009.03.11 -
K7AntiVirus 7.10.665 2009.03.10 -
Kaspersky 7.0.0.125 2009.03.11 -
McAfee 5549 2009.03.10 -
McAfee+Artemis 5549 2009.03.10 -
Microsoft 1.4405 2009.03.11 -
NOD32 3925 2009.03.11 -
Norman 6.00.06 2009.03.10 -
nProtect 2009.1.8.0 2009.03.11 -
Panda 10.0.0.10 2009.03.10 -
PCTools 4.4.2.0 2009.03.10 -
Prevx1 V2 2009.03.11 -
Rising 21.20.22.00 2009.03.11 -
[B]SecureWeb-Gateway 6.7.6 2009.03.11 Worm.Autorun.esq[/B]
Sophos 4.39.0 2009.03.11 -
Sunbelt 3.2.1858.2 2009.03.10 -
Symantec 1.4.4.12 2009.03.11 -
[B]TheHacker 6.3.3.0.278 2009.03.11 W32/AutoRun.esq[/B]
TrendMicro 8.700.0.1004 2009.03.11 -
VBA32 3.12.10.1 2009.03.11 -
ViRobot 2009.3.11.1645 2009.03.11 -
VirusBuster 4.5.11.0 2009.03.10 -[/code]
Additional information
File size: 97791 bytes
MD5...: df7ebd547e890c70d0e802454168b346
SHA1..: 4e6f4197ee2563ed06946c6016d4fac1082ed1fe
SHA256: dfa991a20f3c184292e2eb3500ebfa3466bcaa06ae0d84e8933df9f18c7302f1
SHA512: 182a46b08005b3a7ac4f9a1738d52ad6c667721472a86a989ff2c305c952d027
25cd75c39cc2e2f93c9aefb9709c3b7919a06bc3cec4b224179d5061bc1962f7
ssdeep: 1536:YEwOnbNQKLjWDyy1o5RepJUEbooPRrKKRSq6Hn:Y2NQKPWDyDRepJltZrpR
SfH
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
PEInfo: PE Structure information
11.03.2009, 16:21
GeorgeS

А график за февраль будет опубликован?
11.03.2009, 22:33
ike

Поддерживаю GeorgeS по данному вопросу. Каждый день захожу, смотрю не появился ли график за февраль.
11.03.2009, 23:12
IgorKr

Файл DrShark_cracked.exe получен 2009.03.11 14:31:44 (CET)
Текущий статус: закончено
Результат: 9/39 (23.08%)

[QUOTE]
a-squared - - -
AhnLab-V3 - - -
[B]AntiVir - - TR/Drop.RKit.CM[/B]
Authentium - - -
Avast - - -
[B]AVG - - Downloader.Generic_r.DA[/B]
BitDefender - - -
[B]CAT-QuickHeal - - (Suspicious) - DNAScan[/B]
ClamAV - - -
Comodo - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
[B]F-Prot - - W32/Bepiv.A.gen!Eldorado[/B]
F-Secure - - -
Fortinet - - -
GData - - -
Ikarus - - -
K7AntiVirus - - -
Kaspersky - - -
McAfee - - -
McAfee+Artemis - - -
[B]Microsoft - - Trojan:Win32/Tibs.IR[/B]
[B]NOD32 - - a variant of Win32/AdProt.AF[/B]
Norman - - -
nProtect - - -
[B]Panda - - Suspicious file[/B]
PCTools - - -
Prevx1 - - -
Rising - - -
[B]SecureWeb-Gateway - - Trojan.Drop.RKit.CM[/B]
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
[B]VBA32 - - BScope.Zhelatin.13[/B]
ViRobot - - -
VirusBuster - - -
[/QUOTE]

Дополнительная информация
MD5: 7b60db539c761b2babd2d15f2b49f525
SHA1: b3bc4af1e0b5cf052012d3b109b41f642721db3f
SHA256: 375072eab89a611d7f82be38d4ba7b2c7aa366cb5f7fcb5d155a1b3f4b36f1a4
SHA512: 212aa4fd7ebc996d09a8339f207af2b6665325ea91fb4b264cf887e14c9dc32460dce745dbb37a99b13a8ae20436a41c13abf1273db322b4aa1f1f729beb5afb

[size="1"][color="#666686"][B][I]Добавлено через 13 минут[/I][/B][/color][/size]

Файл mouth_drillers_keygen.exe получен 2009.03.11 00:40:20 (CET)
Текущий статус: закончено
Результат: 11/39 (28.21%)

[QUOTE]
[B]a-squared 4.0.0.101 2009.03.10 Trojan.Win32.Bepiv!IK[/B]
AhnLab-V3 5.0.0.2 2009.03.10 -
[B]AntiVir 7.9.0.107 2009.03.10 TR/Drop.RKit.CM[/B]
Authentium 5.1.0.4 2009.03.10 -
Avast 4.8.1335.0 2009.03.10 -
[B]AVG 8.0.0.237 2009.03.10 Downloader.Generic_r.DA[/B]
BitDefender 7.2 2009.03.11 -
[B]CAT-QuickHeal 10.00 2009.03.10 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.03.10 -
Comodo 1046 2009.03.10 -
DrWeb 4.44.0.09170 2009.03.11 -
eSafe 7.0.17.0 2009.03.09 -
eTrust-Vet 31.6.6388 2009.03.09 -
[B]F-Prot 4.4.4.56 2009.03.10 W32/Bepiv.A.gen!Eldorado[/B]
F-Secure 8.0.14470.0 2009.03.10 -
Fortinet 3.117.0.0 2009.03.10 -
GData 19 2009.03.10 -
[B]Ikarus T3.1.1.45.0 2009.03.10 Trojan.Win32.Bepiv[/B]
K7AntiVirus 7.10.665 2009.03.10 -
Kaspersky 7.0.0.125 2009.03.11 -
McAfee 5549 2009.03.10 -
McAfee+Artemis 5549 2009.03.10 -
[B]Microsoft 1.4405 2009.03.10 Trojan:Win32/Tibs.IR[/B]
[B]NOD32 3924 2009.03.10 a variant of Win32/AdProt.AF[/B]
Norman 6.00.06 2009.03.10 -
nProtect 2009.1.8.0 2009.03.10 -
[B]Panda 10.0.0.10 2009.03.10 Suspicious file[/B]
PCTools 4.4.2.0 2009.03.10 -
Prevx1 V2 2009.03.11 -
Rising 21.20.11.00 2009.03.10 -
[B]SecureWeb-Gateway 6.7.6 2009.03.10 Trojan.Drop.RKit.CM[/B]
Sophos 4.39.0 2009.03.10 -
Sunbelt 3.2.1858.2 2009.03.10 -
Symantec 1.4.4.12 2009.03.11 -
TheHacker 6.3.3.0.278 2009.03.10 -
TrendMicro 8.700.0.1004 2009.03.10 -
[B]VBA32 3.12.10.1 2009.03.10 BScope.Zhelatin.13[/B]
ViRobot 2009.3.10.1643 2009.03.10 -
VirusBuster 4.5.11.0 2009.03.10 -
[/QUOTE]

Tamano archivo: 423936 bytes
MD5...: 3d085efeb45e1235dd20f32fef05d9f5
SHA1..: fa10896649a0ec80b206b0fc63b5be17ee9ff868
SHA256: 4f89a1911484c61caf4af3412cbcf9abdb052a55bf8e3074124fadbb20bff7e6
SHA512: cbd6179648adc70143f34e08160a0d9cefb97bca9a9f77023175b8ba4d1bdff5
280fa19dd5d56c2d6e4f833347fa91b8c3131b29e5d5edabff2563ab9d225d98
ssdeep: 6144:yKkVQxrxKG9cUxMNuFFg0SRDA8k0PO5lTjJ8+nb/xznFl:BfxrxKG9cUxem
r2k0PKl3J8+bZzT
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x78516
timedatestamp.....: 0x49b35db2 (Sun Mar 08 05:54:58 2009)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x12192 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x14000 0xfa8c 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x24000 0x39a4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x28000 0x3a480 0x2a000 4.11 2bee61ed43584c597a888b692b42b04a
.vmp0 0x63000 0x10944 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.vmp1 0x74000 0x3d074 0x3d200 7.95 057bdd7375ca355e49aad0d903075749
.reloc 0xb2000 0x98 0x200 1.91 7ce32232fd37f057468080eaef446b63

( 9 imports )
> KERNEL32.dll: GlobalLock
> USER32.dll: LoadCursorA
> ADVAPI32.dll: RegEnumKeyExA
> ole32.dll: CoTaskMemRealloc
> OLEAUT32.dll: -
> GDI32.dll: GetStockObject
> ntdll.dll: RtlFreeHeap
> KERNEL32.dll: LoadLibraryA, VirtualProtect, GetModuleFileNameA, ExitProcess
> USER32.dll: MessageBoxA

( 0 exports )
13.03.2009, 20:34
Rampant

File Putty.zip received on 03.13.2009 15:08:55 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 23/39 (58.98%)
[QUOTE][B]a-squared 4.0.0.101 2009.03.13 Backdoor.Win32.Bifrose!IK[/B]
AhnLab-V3 5.0.0.2 2009.03.13 -
[B]AntiVir 7.9.0.114 2009.03.13 BDS/Bifrose.abwo[/B]
[B]Authentium 5.1.0.4 2009.03.13 W32/Backdoor2.DEIA[/B]
Avast 4.8.1335.0 2009.03.12 -
AVG 8.0.0.237 2009.03.13 -
BitDefender 7.2 2009.03.13 -
[B]CAT-QuickHeal 10.00 2009.03.13 Backdoor.Bifrose.afuq[/B]
ClamAV 0.94.1 2009.03.13 -
[B]Comodo 1053 2009.03.13 Backdoor.Win32.Bifrose.~XH[/B]
DrWeb 4.44.0.09170 2009.03.13 -
[B]eSafe 7.0.17.0 2009.03.12 Suspicious File [/B]
eTrust-Vet 31.6.6388 2009.03.09 -
[B]F-Prot 4.4.4.56 2009.03.13 W32/Backdoor2.DEIA[/B]
[B]F-Secure 8.0.14470.0 2009.03.13 Backdoor.Win32.Bifrose.afuq[/B]
[B]Fortinet 3.117.0.0 2009.03.13 PossibleThreat[/B]
GData 19 2009.03.13 -
[B]Ikarus T3.1.1.45.0 2009.03.13 Backdoor.Win32.Bifrose[/B]
[B]K7AntiVirus 7.10.668 2009.03.12 Backdoor.Win32.Bifrose.afuq[/B]
[B]Kaspersky 7.0.0.125 2009.03.13 Backdoor.Win32.Bifrose.afuq[/B]
[B]McAfee 5551 2009.03.12 Backdoor-CEP[/B]
[B]McAfee+Artemis 5551 2009.03.12 Backdoor-CEP[/B]
[B]McAfee-GW-Edition 6.7.6 2009.03.13 Trojan.Backdoor.Bifrose.abwo[/B]
Microsoft 1.4405 2009.03.13 -
[B]NOD32 3934 2009.03.13 probably a variant of Win32/Bifrose[/B]
[B]Norman 6.00.06 2009.03.13 W32/Bifrose.AKOL[/B]
nProtect 2009.1.8.0 2009.03.13 -
[B]Panda 10.0.0.10 2009.03.13 Bck/Bifrose.AKL[/B]
PCTools 4.4.2.0 2009.03.13 -
Prevx1 V2 2009.03.13 -
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
[B]Sunbelt 3.2.1858.2 2009.03.13 Backdoor.Win32.Bifrose.afuq[/B]
[B]Symantec 1.4.4.12 2009.03.13 Backdoor.Bifrose[/B]
[B]TheHacker 6.3.3.0.281 2009.03.13 Backdoor/Bifrose.abwo[/B]
TrendMicro 8.700.0.1004 2009.03.13 -
[B]VBA32 3.12.10.1 2009.03.12 Backdoor.Win32.Bifrose.afuq[/B]
ViRobot 2009.3.13.1648 2009.03.13 -
[B]VirusBuster 4.6.5.0 2009.03.13 Backdoor.Bifrose.KRU[/B]
[/QUOTE]
File size: 217658 bytes
MD5...: dbe5288e7b022eddfcefa03bb16705ce
SHA1..: ee7fac7ae06f8a9b034c33dfae94bb99793c625e
SHA256: ae4ec7685d1471a9f905bb984c9c055c7845fee539ff1369af112a6c90f8967a
SHA512: 882b308a46b36b79cdfdda9d4e267946adfe91bf3dcbf6fd7279a6d7092c4819
448871475167d3d97969d84e79573366b67a61a9e5567222b50cfd9ec816082d
ssdeep: 6144:5fIcYuyczDuxxuoATKgC9u1CH2hulI6Z6VLW4nxFZ2zzV7r:xIcYuRDuxkF
TKteC2q8LWMv61
PEiD..: -
TrID..: File type identification
ZIP compressed archive (100.0%)

[size="1"][color="#666686"][B][I]Добавлено через 3 часа 6 минут[/I][/B][/color][/size]

File zar80.zip received on 03.13.2009 18:12:44 (CET)
Current status: Loading ... queued waiting scanning finished
Result: 19/39 (48.72%)
[QUOTE][B]a-squared 4.0.0.101 2009.03.13 Trojan.Win32.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.03.13 -
[B]AntiVir 7.9.0.114 2009.03.13 TR/AvKill.Y[/B]
Authentium 5.1.0.4 2009.03.13 -
[B]Avast 4.8.1335.0 2009.03.12 Win32:AVKill-425[/B]
AVG 8.0.0.237 2009.03.13 -
[B]BitDefender 7.2 2009.03.13 Trojan.Avkill.Y[/B]
CAT-QuickHeal 10.00 2009.03.13 -
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
[B]eSafe 7.0.17.0 2009.03.12 Win32.TrojanHorse[/B]
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
[B]Fortinet 3.117.0.0 2009.03.13 PossibleThreat[/B]
[B]GData 19 2009.03.13 Trojan.Avkill.Y[/B]
[B]Ikarus T3.1.1.45.0 2009.03.13 Trojan.Win32.Agent[/B]
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
[B]McAfee 5551 2009.03.12 Generic StartPage[/B]
[B]McAfee+Artemis 5551 2009.03.12 Generic!Artemis[/B]
[B]McAfee-GW-Edition 6.7.6 2009.03.13 Trojan.AvKill.Y[/B]
[B]Microsoft 1.4405 2009.03.13 Trojan:Win32/Agent[/B]
[B]NOD32 3935 2009.03.13 probably a variant of Win32/StartPage[/B]
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
[B]Panda 10.0.0.10 2009.03.13 Adware/Startpage.CTK[/B]
PCTools 4.4.2.0 2009.03.13 -
[B]Prevx1 V2 2009.03.13 Medium Risk Malware[/B]
[B]Rising 21.20.42.00 2009.03.13 Backdoor.Win32.CAK.a[/B]
[B]Sophos 4.39.0 2009.03.13 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.03.13 -
[B]Symantec 1.4.4.12 2009.03.13 Backdoor.Formador[/B]
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
[B]VBA32 3.12.10.1 2009.03.12 Trojan.Dater[/B]
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 -
[/QUOTE]
File size: 2234580 bytes
MD5...: e1a120608f1737a2d9709caab14d9795
SHA1..: 3ae600e731fcf40aaedd0c552104cb39d6c5282c
SHA256: 270fece47b622b770dc74fd722af1a3ac3604795d3183ae850a410adabffa50e
SHA512: cffeb948a5677660d53b9409f6d59f9a5ba19234b14d266d656ad00f02b682d6
54cc10db2235a677579bc3acb85e0fb3a7d22548977465f53811c79277ffa117
ssdeep: 49152:G8P85o+2Hf23YbH4im7dGfcLcMWO0Hoh31nkVXZWk4ZSvTC:Ge3HQYjrm7
duc990HohlnkVXZWH7

PEiD..: -
TrID..: File type identification
ZIP compressed archive (100.0%)
PEInfo: -
packers (Kaspersky): Armadillo, WScript
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=221491A80896B6071B0119D37DDB5A005C35FA30' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=221491A80896B6071B0119D37DDB5A005C35FA30</a>
packers (F-Prot): ZIP, Unicode
13.03.2009, 23:11
IgorKr

Файл crack__2009__DrShark_.exe получен 2009.03.13 20:56:53 (CET)
Текущий статус: закончено
Результат: 4/39 (10.26%)

[QUOTE]
a-squared 4.0.0.101 2009.03.13 -
AhnLab-V3 5.0.0.2 2009.03.13 -
AntiVir 7.9.0.114 2009.03.13 -
Authentium 5.1.0.4 2009.03.13 -
Avast 4.8.1335.0 2009.03.12 -
[B]AVG 8.0.0.237 2009.03.13 SHeur2.VMT[/B]
BitDefender 7.2 2009.03.13 -
CAT-QuickHeal 10.00 2009.03.13 -
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
eSafe 7.0.17.0 2009.03.12 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
Fortinet 3.117.0.0 2009.03.13 -
GData 19 2009.03.13 -
Ikarus T3.1.1.45.0 2009.03.13 -
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
McAfee 5552 2009.03.13 -
McAfee+Artemis 5552 2009.03.13 -
McAfee-GW-Edition 6.7.6 2009.03.13 -
[B]Microsoft 1.4405 2009.03.13 Trojan:Win32/FakeXPA[/B]
NOD32 3935 2009.03.13 -
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
Panda 10.0.0.10 2009.03.13 -
PCTools 4.4.2.0 2009.03.13 -
[B]Prevx1 V2 2009.03.13 High Risk Cloaked Malware[/B]
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
Sunbelt 3.2.1858.2 2009.03.13 -
Symantec 1.4.4.12 2009.03.13 -
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
VBA32 3.12.10.1 2009.03.12 -
ViRobot 2009.3.13.1648 2009.03.13 -
[B]VirusBuster 4.6.5.0 2009.03.13 Trojan.Fraudpack.Gen[/B]
[/QUOTE]

Дополнительная информация
File size: 1574912 bytes
MD5...: 7368a35455b8df682be1bd6c928bf48f
SHA1..: f3f2ea8ca366d5bbf8052d2d5d483b8605ce1928
SHA256: d9c46f5f8f4c5e9406caf41cccf8358ceac58ab59f35bc3f7099e531d90d3f60
SHA512: 492152ed9099ad766bacef7cc499175b4b0e60f680583c33d11ed808bb9a6289
adfb57d3ca75ca10de28c9928cc500943b8d31f9200f533dde12555200d3445b
ssdeep: 24576:95oKLBZpodfxzOWNAhsTjFf7+j62IVPPT5A5khFNVVhBXQsyIBo/XM/Kgu
4zG:96KlAdfVQG/V+ORPPFUkNVl5E8/KH
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x176eb4 0x177000 7.98 786e08e1e3a8cd10c31f94c7de1ffa9b

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=2192E52A0B541BD1F001039F54E7B4000423A3DF' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=2192E52A0B541BD1F001039F54E7B4000423A3DF</a>
packers (F-Prot): CAB

[size="1"][color="#666686"][B][I]Добавлено через 14 минут[/I][/B][/color][/size]

Файл setup.exe получен 2009.03.13 21:04:12 (CET)
Текущий статус: закончено
Результат: 2/39 (5.13%)

[QUOTE]
a-squared 4.0.0.101 2009.03.13 -
AhnLab-V3 5.0.0.2 2009.03.13 -
AntiVir 7.9.0.114 2009.03.13 -
Authentium 5.1.0.4 2009.03.13 -
Avast 4.8.1335.0 2009.03.13 -
AVG 8.0.0.237 2009.03.13 -
BitDefender 7.2 2009.03.13 -
CAT-QuickHeal 10.00 2009.03.13 -
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
eSafe 7.0.17.0 2009.03.12 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
Fortinet 3.117.0.0 2009.03.13 -
GData 19 2009.03.13 -
Ikarus T3.1.1.45.0 2009.03.13 -
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
McAfee 5552 2009.03.13 -
McAfee+Artemis 5552 2009.03.13 -
[B]McAfee-GW-Edition 6.7.6 2009.03.13 Trojan.Dldr.Agent.xyt[/B]
Microsoft 1.4405 2009.03.13 -
NOD32 3935 2009.03.13 -
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
[B]Panda 10.0.0.10 2009.03.13 Suspicious file[/B]
PCTools 4.4.2.0 2009.03.13 -
Prevx1 V2 2009.03.13 -
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
Sunbelt 3.2.1858.2 2009.03.13 -
Symantec 1.4.4.12 2009.03.13 -
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
VBA32 3.12.10.1 2009.03.12 -
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 -
[/QUOTE]

Дополнительная информация
File size: 566784 bytes
MD5...: 3405f8153c3703fd5fe0f114182fb786
SHA1..: d84d93c5f10e36fa1fc92a9da4e404bf2c8bd9bd
SHA256: c74c967fc49bc52827256076443794e69c92c94ca56681655458b9f2e28547dc
SHA512: 6c79fbcf5cc7d658614f9dacfafecd61b8f6d450f1c6f343a655b85b08046e1c
9169940ade3141cd11ab27f470b9994b5093a2f1690305e8a2e4abc798b13cb9
ssdeep: 12288:9rQgZtTZtiRTmAndgcPxAR+Wnutrno5Hg/7SvTT3it:9CRTmqJ6R+WK2gu
rT3it
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x80d34 0x80e00 7.89 3e3af9bf02f5254927dd49dd93f800ba

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
packers (F-Prot): CAB

[size="1"][color="#666686"][B][I]Добавлено через 4 минуты[/I][/B][/color][/size]

Файл DrShark_Genuine_Licence.exe получен 2009.03.13 21:07:16 (CET)
Текущий статус: закончено
Результат: 2/39 (5.13%)

[QUOTE]
a-squared 4.0.0.101 2009.03.13 -
AhnLab-V3 5.0.0.2 2009.03.13 -
AntiVir 7.9.0.114 2009.03.13 -
Authentium 5.1.0.4 2009.03.13 -
Avast 4.8.1335.0 2009.03.13 -
AVG 8.0.0.237 2009.03.13 -
BitDefender 7.2 2009.03.13 -
CAT-QuickHeal 10.00 2009.03.13 -
ClamAV 0.94.1 2009.03.13 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.13 -
eSafe 7.0.17.0 2009.03.12 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.13 -
F-Secure 8.0.14470.0 2009.03.13 -
Fortinet 3.117.0.0 2009.03.13 -
GData 19 2009.03.13 -
Ikarus T3.1.1.45.0 2009.03.13 -
K7AntiVirus 7.10.668 2009.03.12 -
Kaspersky 7.0.0.125 2009.03.13 -
McAfee 5552 2009.03.13 -
McAfee+Artemis 5552 2009.03.13 -
McAfee-GW-Edition 6.7.6 2009.03.13 -
[B]Microsoft 1.4405 2009.03.13 Trojan:Win32/Vundo[/B]
NOD32 3935 2009.03.13 -
Norman 6.00.06 2009.03.13 -
nProtect 2009.1.8.0 2009.03.13 -
Panda 10.0.0.10 2009.03.13 -
PCTools 4.4.2.0 2009.03.13 -
[B]Prevx1 V2 2009.03.13 High Risk Worm[/B]
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.13 -
Sunbelt 3.2.1858.2 2009.03.13 -
Symantec 1.4.4.12 2009.03.13 -
TheHacker 6.3.3.0.281 2009.03.13 -
TrendMicro 8.700.0.1004 2009.03.13 -
VBA32 3.12.10.1 2009.03.12 -
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 -
[/QUOTE]

Дополнительная информация
File size: 1672704 bytes
MD5...: 6c105d240371a1ea5d36f755e1aff12a
SHA1..: e97e50e9d266d4de297ede4cc09a443813f18d5d
SHA256: 33fd00af172d3042be85e65eebf3d1d8155eb1eaf860523c43a9928647c4d26b
SHA512: a47186e2d2a46611d859851998c9949c4f9ff404013460be0655d8c80018fcd6
d6ca9ddbea1381f7e431a3c548d178f721ac280c5293420a0d210c3769a15c00
ssdeep: 49152:XbfNT8+u/TN1CQ08cTJ8IR42YU/ZuYZHFJCu5HZLE:Xbfppc28C742YmIE
Y
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x18edf8 0x18ee00 7.99 f42b03ac3ca5c83e9ef260eb47be032e

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
packers (F-Prot): CAB
17.03.2009, 00:48
IgorKr

Файл __2008___DrShark_.exe получен 2009.03.16 22:27:07 (CET)
Текущий статус: закончено
Результат: 2/39 (5.13%)

[QUOTE]
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
[B]McAfee-GW-Edition 6.7.6 2009.03.16 Trojan.Dldr.Agent.xyt[/B]
Microsoft 1.4405 2009.03.16 -
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
[B]Panda 10.0.0.10 2009.03.16 Suspicious file[/B]
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.16 -
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
[/QUOTE]

Дополнительная информация
File size: 566784 bytes
MD5...: aab7c653e1fba61444586e0852542b1a
SHA1..: 6199f548571059a9cef109ec5cf60077c9257e9b
SHA256: 46cb057568bb775e396f8da92462b3d8a767a638afccaf5d3a01fd011c66e33a
SHA512: dc140248202164d22ffb01268c4625827a668ec2c4ff41c39a47b5b0bb0c5efd
1f8b0e72f1aa0079ee09f665a9ea2b1474e521eef3d46561546a523e8c2bbbea
ssdeep: 12288:Dr+gZtTZtARTmAndgcPxAR+Wnutrno5Hg/7SvT:DeRTmqJ6R+WK2gur
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x80d34 0x80e00 7.89 afdf07fc94a111c9a955e17d487dc861

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
packers (F-Prot): CAB

[size="1"][color="#666686"][B][I]Добавлено через 5 минут[/I][/B][/color][/size]

Файл ScreenSavers_DrShark_.exe получен 2009.03.16 22:33:16 (CET)
Текущий статус: закончено
Результат: 16/38 (42.11%)

[QUOTE]
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
[B]Avast 4.8.1335.0 2009.03.16 Win32:Trojan-gen {Other}
AVG 8.0.0.237 2009.03.16 Downloader.Generic8.YCV
BitDefender 7.2 2009.03.16 MemScan:Trojan.Generic.1465213[/B]
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
[B]DrWeb 4.44.0.09170 2009.03.16 Trojan.Fakealert.4044[/B]
[B]eSafe 7.0.17.0 2009.03.15 Suspicious File[/B]
eTrust-Vet 31.6.6388 2009.03.09 -
[B]F-Prot 4.4.4.56 2009.03.16 W32/Backdoor2.DXLN[/B]
[B]F-Secure 8.0.14470.0 2009.03.16 Trojan-Downloader.Win32.Agent.bkdn[/B]
Fortinet 3.117.0.0 2009.03.16 -
[B]GData 19 2009.03.16 MemScan:Trojan.Generic.1465213[/B]
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
[B]Kaspersky 7.0.0.125 2009.03.16 Trojan-Downloader.Win32.Agent.bkdn[/B]
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
[B]McAfee-GW-Edition 6.7.6 2009.03.16 Trojan.Downloader.Gen[/B]
[B]Microsoft 1.4405 2009.03.16 TrojanDownloader:Win32/Matcash.L[/B]
[B]NOD32 3938 2009.03.16 a variant of Win32/TrojanDownloader.Agent.OUB[/B]
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
[B]Panda 10.0.0.10 2009.03.16 Generic Trojan[/B]
PCTools 4.4.2.0 2009.03.16 -
[B]Prevx1 V2 2009.03.16 Medium Risk Malware[/B]
[B]Rising 21.21.02.00 2009.03.16 Trojan.Win32.Nodef.fxa[/B]
[B]Sophos 4.39.0 2009.03.16 Mal/EncPk-HJ[/B]
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
[/QUOTE]

Дополнительная информация
File size: 1435136 bytes
MD5...: 5faec4b43d7aa5a72a001c0a64859779
SHA1..: 91ef6d83f894bde1312de147e7fa6b68da9d2b61
SHA256: 842858a38b7d3e54f1a45b3a9559cefb93c5c5473b069a31be23deaaf48afbc7
SHA512: 04f6ab696ee0f4b5d95ef82c34a28f70018817f46e24f1e2e2ebf5d984964598
92e2524f1c06e0738fddfe538280d064173015769a2a44d2eb4d804e934644f1
ssdeep: 24576:6yoDHoBlcCfUwwPgdwrI80POSzRlJ7UIe+p0JvT6zD+VjVa53h6R:6jDHo
Blcq/wPZ8/bJ75uT6z6ih6
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x154c38 0x154e00 7.97 42fb972561cb463a3103f935f376ab48

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=E6D7359B50835C05900000A2247B7B009C91D684' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=E6D7359B50835C05900000A2247B7B009C91D684</a>
packers (Kaspersky): PE_Patch.UPX, UPX, Edit
packers (F-Prot): CAB, RAR

[size="1"][color="#666686"][B][I]Добавлено через 11 минут[/I][/B][/color][/size]

Файл _ver_5.00.0__10.02.2009___DrShark получен 2009.03.16 22:46:02 (CET)
Текущий статус: закончено
Результат: 2/39 (5.13%)

[QUOTE]
a-squared 4.0.0.101 2009.03.16 -
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.16 -
Authentium 5.1.0.4 2009.03.16 -
Avast 4.8.1335.0 2009.03.16 -
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.16 -
CAT-QuickHeal 10.00 2009.03.16 -
ClamAV 0.94.1 2009.03.16 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.16 -
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
F-Secure 8.0.14470.0 2009.03.16 -
Fortinet 3.117.0.0 2009.03.16 -
GData 19 2009.03.16 -
Ikarus T3.1.1.45.0 2009.03.16 -
K7AntiVirus 7.10.673 2009.03.16 -
Kaspersky 7.0.0.125 2009.03.16 -
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
McAfee-GW-Edition 6.7.6 2009.03.16 -
[B]Microsoft 1.4405 2009.03.16 Trojan:Win32/Vundo[/B]
NOD32 3938 2009.03.16 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.16 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
[B]Prevx1 V2 2009.03.16 High Risk Worm[/B]
Rising 21.21.02.00 2009.03.16 -
Sophos 4.39.0 2009.03.16 -
Sunbelt 3.2.1858.2 2009.03.15 -
Symantec 1.4.4.12 2009.03.16 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.16 -
VBA32 3.12.10.1 2009.03.16 -
ViRobot 2009.3.16.1650 2009.03.16 -
VirusBuster 4.6.5.0 2009.03.16 -
[/QUOTE]

Дополнительная информация
File size: 2033664 bytes
MD5...: 91cf31d90d899030daf81729cf5b4a94
SHA1..: e3758b60a2cfc3ade6109ea72058a9d89d61763d
SHA256: 6ac9627a497b70c1ac9f544b82a5384106d1e28bda6bc50d32c4fef2bce7a575
SHA512: 2d50a37a0c596a27634f54f0aa8e2815f320702323e8184854938589cab6493b
360210a97d2c8c25a6fc87fc9b6f4e2e16723f8f8245e185cc880ce4cd13cd29
ssdeep: 49152:Q3tCX51cJFzPELRzEDS0iv9fFWkdIekgJ8EM7:Q3tSIFbyRaMwkdIouE
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d3c
timedatestamp.....: 0x3e800062 (Tue Mar 25 07:08:18 2003)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8f74 0x9000 6.62 912623f777d72e09b3e33e3eb3b92ecc
.data 0xa000 0x1bec 0x400 4.25 b67e6b028734fe3692a3080d8ebfe3b1
.rsrc 0xc000 0x1e6ec4 0x1e7000 7.99 daa581e9aec8b8636492f29e94dadccd

( 6 imports )
> ADVAPI32.dll: FreeSid, AllocateAndInitializeSid, EqualSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> KERNEL32.dll: LocalFree, LocalAlloc, GetLastError, GetCurrentProcess, GetModuleFileNameA, lstrlenA, GetSystemDirectoryA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, lstrcatA, lstrcpyA, _lclose, _llseek, _lopen, WritePrivateProfileStringA, GetWindowsDirectoryA, CreateDirectoryA, GetFileAttributesA, ExpandEnvironmentStringsA, IsDBCSLeadByte, GetShortPathNameA, GetPrivateProfileStringA, GetPrivateProfileIntA, lstrcmpiA, GlobalFree, GlobalUnlock, GlobalLock, GetProcAddress, FreeResource, LockResource, LoadResource, SizeofResource, FindResourceA, CloseHandle, WriteFile, SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, SetCurrentDirectoryA, GetTempFileNameA, ExitProcess, CreateFileA, LoadLibraryExA, lstrcpynA, GetVolumeInformationA, FormatMessageA, GetCurrentDirectoryA, GetVersionExA, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, GetSystemInfo, CreateMutexA, SetEvent, CreateEventA, CreateThread, ResetEvent, TerminateThread, GetDriveTypeA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, SetUnhandledExceptionFilter, ReadFile, LoadLibraryA, GetDiskFreeSpaceA, MulDiv, EnumResourceLanguagesA, FreeLibrary, GlobalAlloc
> GDI32.dll: GetDeviceCaps
> USER32.dll: ExitWindowsEx, wsprintfA, CharNextA, CharUpperA, CharPrevA, SetWindowLongA, GetWindowLongA, CallWindowProcA, DispatchMessageA, MsgWaitForMultipleObjects, PeekMessageA, SendMessageA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, SendDlgItemMessageA, GetDlgItem, SetForegroundWindow, SetWindowTextA, MessageBoxA, DialogBoxIndirectParamA, ShowWindow, EnableWindow, GetDlgItemTextA, EndDialog, GetDesktopWindow, MessageBeep, SetDlgItemTextA, LoadStringA, GetSystemMetrics
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA

( 0 exports )
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=3190B3A700D2FFF4704F012DDDE82A0032D1F3A5' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=3190B3A700D2FFF4704F012DDDE82A0032D1F3A5</a>
packers (F-Prot): CAB
17.03.2009, 11:55
Hanson

Файл avz00001.dta (twex.exe) получен 2009.03.17 09:31:37 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 10/39 (25.65%)
[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.03.17 -
AhnLab-V3 5.0.0.2 2009.03.16 -
[B]AntiVir 7.9.0.116 2009.03.17 TR/Dropper.Gen[/B]
Authentium 5.1.0.4 2009.03.17 -
[B]Avast 4.8.1335.0 2009.03.16 Win32:Rootkit-gen[/B]
AVG 8.0.0.237 2009.03.16 -
BitDefender 7.2 2009.03.17 -
[B]CAT-QuickHeal 10.00 2009.03.17 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.03.17 -
Comodo 1060 2009.03.16 -
[B]DrWeb 4.44.0.09170 2009.03.17 Trojan.PWS.Panda.106[/B]
eSafe 7.0.17.0 2009.03.15 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.16 -
[B]F-Secure 8.0.14470.0 2009.03.17 Trojan-Spy.Win32.Zbot.pox[/B]
Fortinet 3.117.0.0 2009.03.17 -
[B]GData 19 2009.03.17 Win32:Rootkit-gen[/B]
Ikarus T3.1.1.45.0 2009.03.17 -
K7AntiVirus 7.10.673 2009.03.16 -
[B]Kaspersky 7.0.0.125 2009.03.17 Trojan-Spy.Win32.Zbot.pox[/B]
McAfee 5555 2009.03.16 -
McAfee+Artemis 5555 2009.03.16 -
[B]McAfee-GW-Edition 6.7.6 2009.03.17 Trojan.Dropper.Gen
Microsoft 1.4405 2009.03.17 PWS:Win32/Zbot.gen!R[/B]
NOD32 3941 2009.03.17 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.16 -
PCTools 4.4.2.0 2009.03.16 -
Prevx1 V2 2009.03.17 -
Rising 21.21.11.00 2009.03.17 -
Sophos 4.39.0 2009.03.17 -
Sunbelt 3.2.1858.2 2009.03.17 -
Symantec 1.4.4.12 2009.03.17 -
TheHacker 6.3.3.0.283 2009.03.16 -
TrendMicro 8.700.0.1004 2009.03.17 -
[B]VBA32 3.12.10.1 2009.03.16 Trojan-Spy.Win32.Zbot[/B]
ViRobot 2009.3.17.1651 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.16 -[/CODE]

[size="1"][color="#666686"][B][I]Добавлено через 2 минуты[/I][/B][/color][/size]

Файл avz00002.dta (uvsync.sys)получен 2009.03.17 09:32:35 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 16/39 (41.03%)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.101 2009.03.17 Backdoor.Win32.Haxdoor!IK[/B]
AhnLab-V3 5.0.0.2 2009.03.16 -
AntiVir 7.9.0.116 2009.03.17 -
Authentium 5.1.0.4 2009.03.17 -
Avast 4.8.1335.0 2009.03.16 -
[B]AVG 8.0.0.237 2009.03.16 PSW.Generic7.LS
BitDefender 7.2 2009.03.17 Trojan.Spy.Goldun.NCN[/B]
CAT-QuickHeal 10.00 2009.03.17 -
ClamAV 0.94.1 2009.03.17 -
Comodo 1060 2009.03.16 -
DrWeb 4.44.0.09170 2009.03.17 -
eSafe 7.0.17.0 2009.03.15 -
[B]eTrust-Vet 31.6.6388 2009.03.09 Win32/ProcHide!generic[/B]
F-Prot 4.4.4.56 2009.03.16 -
[B]F-Secure 8.0.14470.0 2009.03.17 Trojan-Spy.Win32.Goldun.bwi[/B]
Fortinet 3.117.0.0 2009.03.17 -
[B]GData 19 2009.03.17 Trojan.Spy.Goldun.NCN
Ikarus T3.1.1.45.0 2009.03.17 Backdoor.Win32.Haxdoor[/B]
K7AntiVirus 7.10.673 2009.03.16 -
[B]Kaspersky 7.0.0.125 2009.03.17 Trojan-Spy.Win32.Goldun.bwi[/B]
McAfee 5555 2009.03.16 -
[B]McAfee+Artemis 5555 2009.03.16 Generic!Artemis[/B]
McAfee-GW-Edition 6.7.6 2009.03.17 -
[B]Microsoft 1.4405 2009.03.17 Backdoor:Win32/Haxdoor[/B]
NOD32 3941 2009.03.17 -
Norman 6.00.06 2009.03.16 -
nProtect 2009.1.8.0 2009.03.17 -
Panda 10.0.0.10 2009.03.16 Trj/CI.A
PCTools 4.4.2.0 2009.03.16 -
[B]Prevx1 V2 2009.03.17 Medium Risk Malware
Rising 21.21.11.00 2009.03.17 RootKit.Win32.Agent.epu[/B]
Sophos 4.39.0 2009.03.17 -
[B]Sunbelt 3.2.1858.2 2009.03.17 Goldun.Fam[/B]
Symantec 1.4.4.12 2009.03.17 -
[B]TheHacker 6.3.3.0.283 2009.03.16 Trojan/Spy.Goldun.bwi[/B]
TrendMicro 8.700.0.1004 2009.03.17 -
[B]VBA32 3.12.10.1 2009.03.16 suspected of Rootkit.Agent.10 (paranoid heuristics)[/B]
ViRobot 2009.3.17.1651 2009.03.17 -
VirusBuster 4.6.5.0 2009.03.16 -[/CODE]
19.03.2009, 12:09
Surfer

Файл contact.exe получен 2009.03.19 10:06:14 (CET)
Результат: 5/39 (12.83%)

[CODE]a-squared 4.0.0.101 2009.03.19 -
AhnLab-V3 5.0.0.2 2009.03.19 -
AntiVir 7.9.0.120 2009.03.18 -
Authentium 5.1.2.4 2009.03.18 -
Avast 4.8.1335.0 2009.03.18 -
AVG 8.5.0.283 2009.03.19 -
BitDefender 7.2 2009.03.19 -
CAT-QuickHeal 10.00 2009.03.19 -
ClamAV 0.94.1 2009.03.19 -
Comodo 1066 2009.03.18 -
DrWeb 4.44.0.09170 2009.03.19 -
eSafe 7.0.17.0 2009.03.18 -
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.18 -
F-Secure 8.0.14470.0 2009.03.19 -
Fortinet 3.117.0.0 2009.03.19 -
GData 19 2009.03.19 -
Ikarus T3.1.1.48.0 2009.03.19 -
K7AntiVirus 7.10.674 2009.03.17 -
Kaspersky 7.0.0.125 2009.03.19 -
McAfee 5557 2009.03.18 -
McAfee+Artemis 5557 2009.03.18 -
[B]McAfee-GW-Edition 6.7.6 2009.03.18 Worm.LooksLike.Rbot
Microsoft 1.4502 2009.03.19 Trojan:Win32/Waledac.gen!A[/B]
NOD32 3947 2009.03.19 -
[B]Norman 6.00.06 2009.03.18 Waledac.AJ[/B]
nProtect 2009.1.8.0 2009.03.19 -
Panda 10.0.0.10 2009.03.18 -
PCTools 4.4.2.0 2009.03.18 -
[B]Prevx1 V2 2009.03.19 High Risk Cloaked Malware[/B]
Rising 21.21.31.00 2009.03.19 -
Sophos 4.39.0 2009.03.19 -
Sunbelt 3.2.1858.2 2009.03.19 -
Symantec 1.4.4.12 2009.03.19 -
TheHacker 6.3.3.0.285 2009.03.19 -
TrendMicro 8.700.0.1004 2009.03.19 -
[B]VBA32 3.12.10.1 2009.03.18 suspected of Malware-Cryptor.Win32.General.4[/B]
ViRobot 2009.3.19.1655 2009.03.19 -
VirusBuster 4.6.5.0 2009.03.18 -[/CODE]

[url]http://www.virustotal.com/ru/analisis/073479b85b16779376e2e0036e71f71b[/url]
19.03.2009, 23:42
senyak

Файл ygv.exe получен 2009.03.19 21:35:32 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 8/38 (21.06%)

[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.03.19 -
AhnLab-V3 5.0.0.2 2009.03.19 -
[B]AntiVir 7.9.0.120 2009.03.19 TR/Crypt.XPACK.Gen[/B]
Authentium 5.1.2.4 2009.03.19 -
Avast 4.8.1335.0 2009.03.19 -
AVG 8.5.0.283 2009.03.19 -
BitDefender 7.2 2009.03.19 -
[B]CAT-QuickHeal 10.00 2009.03.19 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.03.19 -
Comodo 1066 2009.03.18 -
DrWeb 4.44.0.09170 2009.03.19 -
[B]eSafe 7.0.17.0 2009.03.19 Suspicious File[/B]
eTrust-Vet 31.6.6388 2009.03.09 -
F-Prot 4.4.4.56 2009.03.19 -
Fortinet 3.117.0.0 2009.03.19 -
GData 19 2009.03.19 -
Ikarus T3.1.1.48.0 2009.03.19 -
K7AntiVirus 7.10.676 2009.03.19 -
Kaspersky 7.0.0.125 2009.03.19 -
McAfee 5558 2009.03.19 -
[B]McAfee+Artemis 5558 2009.03.19 Generic!Artemis
McAfee-GW-Edition 6.7.6 2009.03.19 Trojan.Crypt.XPACK.Gen
Microsoft 1.4502 2009.03.19 VirTool:Win32/Obfuscator.EO[/B]
NOD32 3948 2009.03.19 -
Norman 6.00.06 2009.03.19 -
nProtect 2009.1.8.0 2009.03.19 -[B]
Panda 10.0.0.10 2009.03.19 Suspicious file[/B]
PCTools 4.4.2.0 2009.03.19 -
Prevx1 V2 2009.03.19 -
Rising 21.21.32.00 2009.03.19 -
[B]Sophos 4.39.0 2009.03.19 Mal/Basine-C[/B]
Sunbelt 3.2.1858.2 2009.03.19 -
Symantec 1.4.4.12 2009.03.19 -
TheHacker 6.3.3.0.286 2009.03.19 -
TrendMicro 8.700.0.1004 2009.03.19 -
VBA32 3.12.10.1 2009.03.18 -
ViRobot 2009.3.19.1656 2009.03.19 -
VirusBuster 4.6.5.0 2009.03.19 -[/QUOTE]
Дополнительная информация
File size: 24064 bytes
MD5...: ae0cc33da9fa4e39f02f278ce70b0533
SHA1..: ae53e2ca0c1df0106b7138a22e1d3a3a158a9ae0
SHA256: 3436e7c3052bef71146e9e68cc8479a46669c7b9d24e6e42a6a6e7910c161ece
SHA512: 8d1e3739d65a3a6d18b485eb4a0125316a1635ff49a6169cf1146fd66052f8ae
a98a124e859b63a32af9b8238cc9802dea969d0985c0dfeea2ea702ba52f1f45
ssdeep: 384:2lIZq4A+4UMa9UVxVYCUP3Dq89HPsr8vh9tAwotXuPdI9Pw+nXGN:2lsafaa
VwTPT39HPsgp9tSteK9tnXY
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
23.03.2009, 08:35
ZhIV

Файл eawnxi.exe получен 2009.03.23 06:18:40 (CET)[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.03.23 -
AhnLab-V3 5.0.0.2 2009.03.22 -
[B]AntiVir 7.9.0.120 2009.03.22 Worm/Autorun.esq[/B]
Authentium 5.1.2.4 2009.03.23 -
Avast 4.8.1335.0 2009.03.23 -
AVG 8.5.0.283 2009.03.22 -
BitDefender 7.2 2009.03.23 -
CAT-QuickHeal 10.00 2009.03.23 -
ClamAV 0.94.1 2009.03.23 -
[B]Comodo 1080 2009.03.22 Unclassified Malware[/B]
DrWeb 4.44.0.09170 2009.03.23 -
[B]eSafe 7.0.17.0 2009.03.19 Win32.Worm.AutoRun.u[/B]
eTrust-Vet 31.6.6409 2009.03.20 -
F-Prot 4.4.4.56 2009.03.23 -
F-Secure 8.0.14470.0 2009.03.23 -
Fortinet 3.117.0.0 2009.03.22 -
GData 19 2009.03.23 -
Ikarus T3.1.1.48.0 2009.03.23 -
K7AntiVirus 7.10.678 2009.03.21 -
Kaspersky 7.0.0.125 2009.03.23 -
McAfee 5561 2009.03.22 -
McAfee+Artemis 5561 2009.03.22 -
[B]McAfee-GW-Edition 6.7.6 2009.03.22 Worm.Autorun.esq
[/B]Microsoft 1.4502 2009.03.22 -
NOD32 3953 2009.03.21 -
Norman 6.00.06 2009.03.20 -
nProtect 2009.1.8.0 2009.03.23 -
Panda 10.0.0.10 2009.03.22 -
PCTools 4.4.2.0 2009.03.22 -
Prevx1 V2 2009.03.23 -
Rising 21.22.00.00 2009.03.23 -
Sophos 4.39.0 2009.03.23 -
Sunbelt 3.2.1858.2 2009.03.22 -
Symantec 1.4.4.12 2009.03.23 -
[B]TheHacker 6.3.3.4.287 2009.03.23 W32/AutoRun.esq
[/B]TrendMicro 8.700.0.1004 2009.03.23 -
VBA32 3.12.10.1 2009.03.23 -
ViRobot 2009.3.23.1659 2009.03.23 -
VirusBuster 4.6.5.0 2009.03.22 -
[/CODE]
Дополнительная информация
File size: 97791 bytes
MD5...: df7ebd547e890c70d0e802454168b346
SHA1..: 4e6f4197ee2563ed06946c6016d4fac1082ed1fe
SHA256: dfa991a20f3c184292e2eb3500ebfa3466bcaa06ae0d84e8933df9f18c7302f1
SHA512: 182a46b08005b3a7ac4f9a1738d52ad6c667721472a86a989ff2c305c952d027 25cd75c39cc2e2f93c9aefb9709c3b7919a06bc3cec4b224179d5061bc1962f7
ssdeep: 1536:YEwOnbNQKLjWDyy1o5RepJUEbooPRrKKRSq6Hn:Y2NQKPWDyDRepJltZrpR SfH 
PEiD..: -
TrID..: File type identification Win32 Executable MS Visual C++ (generic) (53.1%) Windows Screen Saver (18.4%) Win32 Executable Generic (12.0%) Win32 Dynamic Link Library (generic) (10.6%) Generic Win/DOS Executable (2.8%)
PEInfo: PE Structure information
24.03.2009, 16:27
berkut_v

File ___8_____________1.xls (ж_8 бюджет1.xls) received on 03.24.2009 10:13:05 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 2/39 (5.13%)

[CODE]Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.03.24 -
AhnLab-V3 5.0.0.2 2009.03.24 -
AntiVir 7.9.0.120 2009.03.24 EXP/Office.Dropper.Gen
Authentium 5.1.2.4 2009.03.23 -
Avast 4.8.1335.0 2009.03.23 -
AVG 8.5.0.283 2009.03.23 -
BitDefender 7.2 2009.03.24 -
CAT-QuickHeal 10.00 2009.03.24 -
ClamAV 0.94.1 2009.03.24 -
Comodo 1082 2009.03.23 -
DrWeb 4.44.0.09170 2009.03.24 -
eSafe 7.0.17.0 2009.03.23 -
eTrust-Vet 31.6.6414 2009.03.24 -
F-Prot 4.4.4.56 2009.03.23 -
F-Secure 8.0.14470.0 2009.03.24 -
Fortinet 3.117.0.0 2009.03.24 -
GData 19 2009.03.24 -
Ikarus T3.1.1.48.0 2009.03.24 -
K7AntiVirus 7.10.679 2009.03.23 -
Kaspersky 7.0.0.125 2009.03.24 -
McAfee 5562 2009.03.23 -
McAfee+Artemis 5562 2009.03.23 -
McAfee-GW-Edition 6.7.6 2009.03.24 Exploit.Office.Dropper.Gen
Microsoft 1.4502 2009.03.24 -
NOD32 3956 2009.03.24 -
Norman 6.00.06 2009.03.23 -
nProtect 2009.1.8.0 2009.03.24 -
Panda 10.0.0.10 2009.03.24 -
PCTools 4.4.2.0 2009.03.23 -
Prevx1 V2 2009.03.24 -
Rising 21.22.12.00 2009.03.24 -
Sophos 4.39.0 2009.03.24 -
Sunbelt 3.2.1858.2 2009.03.23 -
Symantec 1.4.4.12 2009.03.24 -
TheHacker 6.3.3.4.288 2009.03.24 -
TrendMicro 8.700.0.1004 2009.03.24 -
VBA32 3.12.10.1 2009.03.23 -
ViRobot 2009.3.23.1660 2009.03.24 -
VirusBuster 4.6.5.0 2009.03.23 - [/CODE]
Additional information
File size: 110080 bytes
MD5...: 3460754ac443f614434225ab8a3fbe38
SHA1..: 2800ec7a931893109f0f28bc1ae00d89081f46cd
SHA256: d1c1ed8f6325dc0b52ed4a663c844ae667aa4a5d79e3119efc3945e91d4f8509
SHA512: 9322c48ef644b6f1f8e5350bf732678691ecfb04c457cb688da7b894379b2b37
59c8b8466e2befd717a32e7c987931f2a1927a6179413f701dc7c7e9829b72e9
ssdeep: 768:CxTdfKsdNGTtLtV4mzX2c3TWh7JvGMdl12q9Cr1JPdd49ZA7F7TK+BT0EbDu
Vg:+hvGbP3TWt1Gw1j9Cp3

PEiD..: -
TrID..: File type identification
Microsoft Excel sheet (78.9%)
Generic OLE2 / Multistream Compound File (21.0%)

[size="1"][color="#666686"][B][I]Добавлено через 3 часа 54 минуты[/I][/B][/color][/size]

в предыдущем отлове только 16 антивирусов отлавливали
File macyjf.exe received on 03.24.2009 14:13:29 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 33/40 (82.5%)

[CODE]Antivirus Version Last Update Result
[B]a-squared 4.0.0.101 2009.03.24 Trojan.Win32.Autoit!IK
AhnLab-V3 5.0.0.2 2009.03.24 Win-Trojan/Midgare.236544
AntiVir 7.9.0.120 2009.03.24 TR/Onlinegames.A3 [/B]
Antiy-AVL 2.0.3.1 2009.03.24 -
[B]Authentium 5.1.2.4 2009.03.23 W32/Trojan3.AIQ
Avast 4.8.1335.0 2009.03.23 Win32:Agent-AEEP
AVG 8.5.0.283 2009.03.23 Worm/Autoit.LQN
BitDefender 7.2 2009.03.24 Worm.Generic.41831
CAT-QuickHeal 10.00 2009.03.24 Backdoor.Agent.adzv
ClamAV 0.94.1 2009.03.24 Trojan.Autoit-72
Comodo 1082 2009.03.23 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 4.44.0.09170 2009.03.24 Win32.HLLW.Autoruner.6013
eSafe 7.0.17.0 2009.03.23 Win32.Autorun.worm.z [/B]
eTrust-Vet 31.6.6414 2009.03.24 -
[B]F-Prot 4.4.4.56 2009.03.23 W32/Trojan3.AIQ
F-Secure 8.0.14470.0 2009.03.24 Trojan.Win32.Agent2.efp
Fortinet 3.117.0.0 2009.03.24 W32/Autorun.ZF!worm
GData 19 2009.03.24 Worm.Generic.41831
Ikarus T3.1.1.48.0 2009.03.24 Trojan.Win32.Autoit
K7AntiVirus 7.10.679 2009.03.23 Trojan.Win32.Midgare.roo
Kaspersky 7.0.0.125 2009.03.24 Trojan.Win32.Agent2.efp
McAfee 5562 2009.03.23 W32/Autorun.worm.n
McAfee+Artemis 5562 2009.03.23 W32/Autorun.worm.n
McAfee-GW-Edition 6.7.6 2009.03.24 Trojan.Onlinegames.A3
Microsoft 1.4502 2009.03.24 Worm:AutoIt/Renocide.gen!B
NOD32 3957 2009.03.24 Win32/Packed.Autoit.Gen
Norman 6.00.06 2009.03.23 W32/Smalltroj.LCYY [/B]
nProtect 2009.1.8.0 2009.03.24 -
[B]Panda 10.0.0.10 2009.03.24 Trj/Agent.LPX[/B]
PCTools 4.4.2.0 2009.03.24 -
[B]Prevx1 V2 2009.03.24 High Risk System Back Door [/B]
Rising 21.22.12.00 2009.03.24 -
[B]Sophos 4.39.0 2009.03.24 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.03.23 -
[B]Symantec 1.4.4.12 2009.03.24 W32.Harakit
TheHacker 6.3.3.4.288 2009.03.24 Trojan/Midgare.rvm
TrendMicro 8.700.0.1004 2009.03.24 WORM_AUTORUN.HOZ
VBA32 3.12.10.1 2009.03.23 Trojan.Autoit.gen
ViRobot 2009.3.24.1661 2009.03.24 Trojan.Win32.Klone.345416.B [/B]
VirusBuster 4.6.5.0 2009.03.23 - [/CODE]

Additional information
File size: 345416 bytes
MD5...: a68fed9bb2efde1ff0dca8dedff7a736
SHA1..: f45a20db3894e39cedc1c8d211f48acb39889bff
SHA256: 8e2d845d7cb056a05d1e10d2de82632fbeb2fb96edda7298d24e899d53ff1163
SHA512: 5de48df6e28a5033080a42c27c88db8c9f28051fb9fddabcfb1f85f4f0522bdb
86c86b8c21ccea289fb586a9df20a2823aedf460862594f5089e8cc6e9d386f0
ssdeep: 6144:Xjk1EHI7OyXfOe5JnVZFrv7p4TKcw5TCDx+a62foC0ji61D48jso:XjGjPO
evnllBcCMfAC0j88Yo

PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x90ed0
timedatestamp.....: 0x4850e379 (Thu Jun 12 08:51:05 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x57000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x58000 0x3a000 0x39200 7.92 e5dd1823a0945d13b9b1eafb53f1cd15
.rsrc 0x92000 0x1000 0x600 3.17 46fa8faf2149b0d50b1dadb772597c8c

( 13 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: RegCloseKey
> COMCTL32.dll: ImageList_Create
> comdlg32.dll: GetSaveFileNameW
> GDI32.dll: LineTo
> MPR.dll: WNetUseConnectionW
> ole32.dll: CoInitialize
> OLEAUT32.dll: -
> SHELL32.dll: DragFinish
> USER32.dll: GetDC
> VERSION.dll: VerQueryValueW
> WINMM.dll: timeGetTime
> WSOCK32.dll: -

( 0 exports )

Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=38FE752C48FF656A45B10527AABF3E00D8D6AEF3' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=38FE752C48FF656A45B10527AABF3E00D8D6AEF3</a>
25.03.2009, 18:32
rxx

File autorun.inf received on 03.25.2009 16:28:29 (CET)
Current status: finished
Result: 18/39 (46.16%)
[CODE]Antivirus Version Last Update Result
a-squared - - Worm.Win32.Conficker!IK
AhnLab-V3 - - -
AntiVir - - -
Antiy-AVL - - -
Authentium - - -
Avast - - -
AVG - - Worm/Generic_c.ZW
BitDefender - - Worm.Autorun.VHG
CAT-QuickHeal - - -
ClamAV - - Worm.Autorun-1838
Comodo - - Worm.Win32.AutoRun.etg
DrWeb - - Win32.HLLW.Shadow
eSafe - - -
eTrust-Vet - - INF/Conficker
F-Prot - - -
F-Secure - - Worm:W32/Downaduprun.A
Fortinet - - -
GData - - Worm.Autorun.VHG
Ikarus - - Worm.Win32.Conficker
K7AntiVirus - - -
Kaspersky - - -
McAfee - - -
McAfee+Artemis - - -
McAfee-GW-Edition - - -
Microsoft - - Worm:Win32/Conficker.B!inf
NOD32 - - INF/Conficker
Norman - - -
nProtect - - -
Panda - - -
PCTools - - -
Prevx1 - - -
Rising - - -
Sophos - - Mal/ConfInf-A
Sunbelt - - INF.Autorun (v)
Symantec - - W32.Downadup!autorun
TheHacker - - W32/Conficker.autorunL
TrendMicro - - TROJ_DOWNAD.AF
VBA32 - - Trojan.Autorun.gen
ViRobot - - -
VirusBuster - - INF.Conficker.F[/CODE]
Additional information
File size: 59306 bytes
MD5...: 060dc978741e7ff27686ca8885802623
SHA1..: 4e32ff1cf3243ce56ff278cc0924b601784463d1
SHA256: 4202574ee60beb13a329f4ba6f6bc55a6e3cfbdfccab929f50024603d9cde020
SHA512: 6665cf3425448730ae8cf04d1d46b20ff088a915a912ed4061136f44639dc10e
a469d38e636281f11850630cf92de41ba946bba2a0a4ef2266cc5408dc587599
ssdeep: 1536:IS+zcVPpjrVmdmwGvp1kGEJ5V7hAUJcFc00LZ:+g9plmW8PD2Gc2Z
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (66.6%)
MP3 audio (33.3%)
PEInfo: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode
27.03.2009, 19:04
serjel

Mycentria

Файл A0045214.exe получен 2009.03.27 16:50:19 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО

Результат: 8/39 (20.52%)

[CODE]Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.03.27 -
AhnLab-V3 5.0.0.2 2009.03.27 -
AntiVir 7.9.0.129 2009.03.27 -
Antiy-AVL 2.0.3.1 2009.03.27 -
Authentium 5.1.2.4 2009.03.27 -
Avast 4.8.1335.0 2009.03.26 -
AVG 8.5.0.283 2009.03.27 -
BitDefender 7.2 2009.03.27 -
CAT-QuickHeal 10.00 2009.03.26 -
ClamAV 0.94.1 2009.03.27 -
[B]Comodo 1086 2009.03.27 ApplicUnsaf.Win32.AdWare.Mycentria.~A[/B]
[B]DrWeb 4.44.0.09170 2009.03.27 Trojan.Mycentria.22[/B]
[B]eSafe 7.0.17.0 2009.03.26 Win32.Banker[/B]
eTrust-Vet 31.6.6420 2009.03.27 -
F-Prot 4.4.4.56 2009.03.27 -
F-Secure 8.0.14470.0 2009.03.27 -
Fortinet 3.117.0.0 2009.03.27 -
GData 19 2009.03.27 -
Ikarus T3.1.1.48.0 2009.03.27 -
K7AntiVirus 7.10.683 2009.03.27 -
Kaspersky 7.0.0.125 2009.03.27 -
[B]McAfee 5565 2009.03.26 potentially unwanted program Generic PUP[/B]
[B]McAfee+Artemis 5565 2009.03.26 potentially unwanted program Generic PUP [/B]
McAfee-GW-Edition 6.7.6 2009.03.27 -
Microsoft 1.4502 2009.03.27 -
[B]NOD32 3969 2009.03.27 Win32/Adware.Mycentria [/B]
Norman 6.00.06 2009.03.27 -
nProtect 2009.1.8.0 2009.03.27 -
Panda 10.0.0.10 2009.03.27 -
PCTools 4.4.2.0 2009.03.27 -
[B]Prevx1 V2 2009.03.27 Medium Risk Malware [/B]
Rising 21.22.42.00 2009.03.27 -
Sophos 4.40.0 2009.03.27 -
Sunbelt 3.2.1858.2 2009.03.26 -
Symantec 1.4.4.12 2009.03.27 -
TheHacker 6.3.3.7.292 2009.03.26 -
TrendMicro 8.700.0.1004 2009.03.27 -
[B]VBA32 3.12.10.1 2009.03.26 Win32.Adware.Mycentria [/B]
ViRobot 2009.3.27.1666 2009.03.27 -
[/CODE]
Дополнительная информация
File size: 55586 bytes
MD5...: 9f5bc21ebdc08e169168124221f5deab
SHA1..: 8f9cda38451f1903a8e3da4ba8ff15927f8fc878
SHA256: 611c6a838934f4312796f88721657c0bc46595aefbced64e4c00c604b04d3536
SHA512: 891f619bab571926629c8e07d508da34c27227e41dc0a62cdacbaa9099e1da6f
9ff077ddad236592add893474cb7c878e033a6f80a26c30db9e6eb2171069859
ssdeep: 1536:FKDqJvz2xyM40DSmJAqAELVigPvtMOUheOs4d:FKDAfCDSmJPAI0uP0eOBd

PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x315d
timedatestamp.....: 0x460e79c3 (Sat Mar 31 15:09:55 2007)
machinetype.......: 0x14c (I386)
30.03.2009, 14:27
Kuzz

Файл avz00025.dta получен 2009.03.30 12:22:02 (CET)
Текущий статус: закончено
Результат: 15/40 (37.5%)
[CODE][B]a-squared 4.0.0.101 2009.03.30 Riskware.AdWare.Mywebsearch!IK [/B]
AhnLab-V3 5.0.0.2 2009.03.30 -
AntiVir 7.9.0.129 2009.03.30 -
[B]Antiy-AVL 2.0.3.1 2009.03.30 AdTool/Win32.MyWebSearch
Authentium 5.1.2.4 2009.03.29 W32/HackTool.BAC [/B]
Avast 4.8.1335.0 2009.03.29 -
AVG 8.5.0.285 2009.03.29 -
BitDefender 7.2 2009.03.30 -
CAT-QuickHeal 10.00 2009.03.30 -
ClamAV 0.94.1 2009.03.29 -
[B]Comodo 1089 2009.03.29 ApplicUnwnt.Win32.Toolbar.MyWebSearch [/B]
DrWeb 4.44.0.09170 2009.03.30 -
eSafe 7.0.17.0 2009.03.27 -
eTrust-Vet 31.6.6424 2009.03.30 -
[B]F-Prot 4.4.4.56 2009.03.29 W32/HackTool.BAC[/B]
F-Secure 8.0.14470.0 2009.03.30 -
[B]Fortinet 3.117.0.0 2009.03.30 W32/MyWebSearch [/B]
GData 19 2009.03.30 -
[B]Ikarus T3.1.1.48.0 2009.03.30 not-a-virus:AdWare.Mywebsearch
K7AntiVirus 7.10.684 2009.03.28 not-a-virus:AdTool.Win32.MyWebSearch.az [/B]
Kaspersky 7.0.0.125 2009.03.30 -
[B]McAfee 5568 2009.03.29 potentially unwanted program MWS
McAfee+Artemis 5568 2009.03.29 potentially unwanted program MWS [/B]
McAfee-GW-Edition 6.7.6 2009.03.30 -
Microsoft 1.4502 2009.03.30 -
[B]NOD32 3974 2009.03.30 Win32/Toolbar.MyWebSearch [/B]
Norman 6.00.06 2009.03.27 -
[B]nProtect 2009.1.8.0 2009.03.30 Trojan-Clicker/W32.Toolbar.57344.B
Panda 10.0.0.10 2009.03.29 Application/MyWebSearch [/B]
PCTools 4.4.2.0 2009.03.29 -
Prevx1 V2 2009.03.30 -
Rising 21.23.03.00 2009.03.30 -
Sophos 4.40.0 2009.03.30 -
Sunbelt 3.2.1858.2 2009.03.29 -
Symantec 1.4.4.12 2009.03.30 -
[B]TheHacker 6.3.3.9.296 2009.03.30 Adware/MyWebSearch.az [/B]
TrendMicro 8.700.0.1004 2009.03.30 -
VBA32 3.12.10.1 2009.03.29 -
[B]ViRobot 2009.3.30.1668 2009.03.30 Adware.AskBar.To.57344 [/B]
VirusBuster 4.6.5.0 2009.03.30 - [/CODE]
Дополнительная информация
File size: 57344 bytes
MD5...: 30e4c0a012ae80e8479523a8d9a3217f
SHA1..: f5e602af05e25de625fd401f9492a66659ea20b7
SHA256: 23b4fd1592eed3c2d06877fa909ed13985e0d3ca76db856cb216a1ec6af4c5cd
SHA512: cd9e775e448c78bc370d4d208a6383308f596d01409d0909c0cbfb34fe9adf2b
410764d3e9c245001d013581f97335edc70c1fb7c090c5e1c011d4e6342e52ca
ssdeep: 768:iARygQiAOPjVbMVcEFjZW4ed44RO2/9IXH+jMF0MjaN5lJJwr6imhAlw:iAR
ygQAj+VcMd2VLMHON53Jw+imhAl

PEiD..: -
31.03.2009, 10:23
ZhIV

Файл avz00001.dta получен 2009.03.31 08:16:17 (CET)
[CODE]Антивирус Версия Обновление Результат
[B]a-squared 4.0.0.101 2009.03.31 Packer.Krunchy!IK[/B]
AhnLab-V3 5.0.0.2 2009.03.31 -
[B]AntiVir 7.9.0.129 2009.03.30 TR/Drop.Agent.akxp[/B]
Antiy-AVL 2.0.3.1 2009.03.30 -
[B]Authentium 5.1.2.4 2009.03.30 W32/Heuristic-210!Eldorado[/B]
Avast 4.8.1335.0 2009.03.30 -
[B]AVG 8.5.0.285 2009.03.30 SHeur2.YCD
BitDefender 7.2 2009.03.31 Packer.Krunchy.B
CAT-QuickHeal 10.00 2009.03.30 TrojanDropper.Agent.akxp
[/B]ClamAV 0.94.1 2009.03.31 -
Comodo 1090 2009.03.30 -
DrWeb 4.44.0.09170 2009.03.31 -
[B]eSafe 7.0.17.0 2009.03.27 Suspicious File[/B]
eTrust-Vet 31.6.6425 2009.03.30 -
[B]F-Prot 4.4.4.56 2009.03.30 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.03.31 Trojan-Dropper.Win32.Agent.akxp
Fortinet 3.117.0.0 2009.03.31 PossibleThreat
GData 19 2009.03.31 Packer.Krunchy.B
Ikarus T3.1.1.49.0 2009.03.31 Packer.Krunchy
K7AntiVirus 7.10.685 2009.03.30 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.03.31 Trojan-Dropper.Win32.Agent.akxp[/B]
McAfee 5569 2009.03.30 -
[B]McAfee+Artemis 5569 2009.03.30 Generic!Artemis
McAfee-GW-Edition 6.7.6 2009.03.30 Trojan.Drop.Agent.akxp
Microsoft 1.4502 2009.03.31 Trojan:Win32/Meredrop
NOD32 3976 2009.03.30 Win32/IRCBot.AMC
Norman 6.00.06 2009.03.30 W32/Spybot.gen6
[/B]nProtect 2009.1.8.0 2009.03.31 -
[B]Panda 10.0.0.10 2009.03.30 Generic Malware
PCTools 4.4.2.0 2009.03.30 Packed/FRBR
Prevx1 V2 2009.03.31 High Risk Worm
Rising 21.23.10.00 2009.03.31 Trojan.DL.Win32.Nodef.gd
[/B]Sophos 4.40.0 2009.03.31 -
Sunbelt 3.2.1858.2 2009.03.31 -
Symantec 1.4.4.12 2009.03.31 -
[B]TheHacker 6.3.3.9.296 2009.03.30 Trojan/Dropper.Agent.akxp
TrendMicro 8.700.0.1004 2009.03.30 WORM_SPYBOT.AUM[/B]
VBA32 3.12.10.1 2009.03.29 -
ViRobot 2009.3.30.1668 2009.03.31 -
[B]VirusBuster 4.6.5.0 2009.03.30 Packed/FRBR[/B][/CODE]

Дополнительная информация
File size: 23552 bytes
MD5...: 202a1c4c061a09929398bce42001997f
SHA1..: 3a53f384a7f5d17ba01d018ba752b9b025577946
SHA256: a36da5ac32bd8f724dbecf1ecc302d397e1ff471c7a826eaa1afb54bdcb4aa12
SHA512: adf0e7664b5117c5f410962f2a0dc2720ef5c05a8a2486f61031a0575f85f3b2 11b7a0ce3a1c2ba97373f4a0f562c7f3a187b23966b2ba0c09b5dde3df78f5ce
ssdeep: 384:A0s9TUQHU43B5NKdnBEb4lW4vs3Zd7vuEMt1WSltv7EkhlSrFZjYHp7myKYb wXcE:A0OTUQP3nNzcxYBSlWXYtmVY0sxYp3h/ 
PEiD..: -

Показывать 40 сообщений этой темы на одной странице