-
Complete scanning result of "[b]kart.exe[/b]", received in VirusTotal at 11.22.2006, 05:44:37 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.44 11.21.2006 Worm/W32.Sircam.C
[COLOR="#ff0000"]Authentium 4.93.8 11.22.2006 no virus found[/COLOR]
Avast 4.7.892.0 11.20.2006 Win32:Sircam-B
AVG 386 11.20.2006 I-Worm/Sircam
BitDefender 7.2 11.22.2006 I-Worm.Sircam.A
CAT-QuickHeal 8.00 11.21.2006 (Suspicious) - DNAScan
[COLOR="#ff0000"]ClamAV devel-20060426 11.21.2006 no virus found[/COLOR]
DrWeb 4.33 11.21.2006 BACKDOOR.Trojan - Ok
eSafe 7.0.14.0 11.20.2006 Win32.Polipos.sus
[COLOR="#ff0000"]eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found[/COLOR]
Ewido 4.0 11.21.2006 Worm.Sircam.c
Fortinet 2.82.0.0 11.22.2006 suspicious
[COLOR="#ff0000"]F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found[/COLOR]
McAfee 4901 11.21.2006 W32/SirCam@MM
Microsoft 1.1804 11.22.2006 Win32/Sircam.C@mm
NOD32v2 1876 11.21.2006 Win32/Sircam.F
Norman 5.80.02 11.21.2006 W32/Suspicious_U.gen
Panda 9.0.0.4 11.21.2006 Suspicious file
[COLOR="#ff0000"]Prevx1 V2 11.22.2006 no virus found[/COLOR]
Sophos 4.11.0 11.16.2006 W32/Sircam-A
[COLOR="#ff0000"]TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found[/COLOR]
VBA32 3.11.1 11.21.2006 Win32.HLLW.SirCam
[COLOR="#ff0000"]VirusBuster 4.3.15:9 11.22.2006 no virus found[/COLOR]
Aditional Information
File size: 79504 bytes
MD5: 243c7d016e5edad97315f72227568128
SHA1: 9c3ea1cc74d5f985300a95f8bc85da6e4e888fe0
packers: Upack
packers: UPACK
packers: UPack
-
Complete scanning result of "[b]rolik.exe[/b]", received in VirusTotal at 11.22.2006, 06:02:17 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.44 11.21.2006 HEUR/Crypted
Authentium 4.93.8 11.22.2006 could be a corrupted executable file
[COLOR="#ff0000"]Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found[/COLOR]
DrWeb 4.33 11.21.2006 Trojan.MulDrop.1161
[COLOR="#ff0000"]eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found[/COLOR]
NOD32v2 1876 11.21.2006 a variant of Win32/TrojanDropper.Joiner.AJ
[COLOR="#ff0000"]Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found[/COLOR]
Sophos 4.11.0 11.16.2006 Mal/Packer
[COLOR="#ff0000"]TheHacker 6.0.3.122 11.21.2006 no virus found[/COLOR]
UNA 1.83 11.21.2006 Win32.CRYPT.virus
[COLOR="#ff0000"]VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found[/COLOR]
Aditional Information
File size: 76811 bytes
MD5: b1815a454d64a251360c5a9abe8791ac
SHA1: 1c556fbbbc17f765055490519a196cf615304be8
packers: SVKP
packers: SVKProtector
-
Complete scanning result of "test1.zip", received in VirusTotal at 11.22.2006, 05:58:27 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.21.2006 no virus found
Authentium 4.93.8 11.22.2006 Possibly a new variant of W32/Tricky-Malware-based!Maximus
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 DeepScan:Generic.Stration.93DDD392
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.21.2006 no virus found
DrWeb 4.33 11.21.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 Win32/Stration!ZIP!Worm
eTrust-Vet 30.3.3205 11.21.2006 Win32/Stration!ZIP!generic
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 Possibly a new variant of W32/Tricky-Malware-based!Maximus
F-Prot4 4.2.1.29 11.22.2006 W32/Tricky-Malware-based!Maximus
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 W32/Stratio-Zip
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 Trojan.Opnis.Gen.28
Aditional Information
File size: 22668 bytes
MD5: 0dff5bce2cb22a8877f16cf1864b444b
SHA1: efc3b2474b3e99f6d1738209b98f49a01cd80fbf
packers: UPX
-
Complete scanning result of "[b]screensaver_ABC.exe[/b]", received in VirusTotal at 11.22.2006, 08:48:35 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.44 11.22.2006 HEUR/Crypted
Authentium 4.93.8 11.22.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast 4.7.892.0 11.20.2006 Win32:Ldpinch-AH
[COLOR=#ff0000]AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found[/COLOR]
DrWeb 4.33 11.22.2006 BACKDOOR.PWS.Trojan
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
[COLOR=#ff0000]eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found[/COLOR]
F-Prot 3.16f 11.22.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4 4.2.1.29 11.22.2006 W32/CrazyCrunch-based!Maximus
[COLOR=#ff0000]Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found[/COLOR]
Panda 9.0.0.4 11.21.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found[/COLOR]
VBA32 3.11.1 11.21.2006 MalwareScope.Trojan-PSW.LdPinch.1
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.22.2006 no virus found[/COLOR]
Aditional Information
File size: 14336 bytes
MD5: 90f100ef481774dca2be02004ee4967c
SHA1: 1f3d4f6340d62204c839d4fe5a0dc8352de26c8b
packers: ASPack
packers: ASPACK
packers: Aspack
-
From here: [url]http://virusinfo.info/showthread.php?t=6856[/url]
Complete scanning result of "helper.rar", received in VirusTotal at 11.22.2006, 09:19:25 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 BackDoor.Jiagate
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 Suspicious file
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found
Aditional Information
File size: 18967 bytes
MD5: 4cb0e7fdb7543bddbe22d53efacd3d45
SHA1: 1277b086dfd1038823a8d61395ecee46f2dd6f1e
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "QIP8000.rar", received in VirusTotal at 11.22.2006, 12:50:26 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
[B]Ewido 4.0 11.22.2006 Trojan.ICQ.Delf.j[/B]
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.22.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found
Aditional Information
File size: 271381 bytes
MD5: c9be422182029c65a9f4df9a83b0a925
SHA1: 77ab6a6a07d3d420444d46a32ddeea27ce69c104
PS: Strange, I ran it through KAV and it is detected as: [I]Trojan program Trojan-PSW.Win32.ICQ.Delf.j[/I]. This is already the second time it is not detected on VirusTotal, and it is the same variant of the trojan
-
Complete scanning result of "[b]mygirl.exe[/b]", received in VirusTotal at 11.22.2006, 15:43:08 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.44 11.22.2006 TR/Drop.Agent.aaq.2
[COLOR=#ff0000]Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found[/COLOR]
BitDefender 7.2 11.22.2006 DeepScan:Generic.PWStealer.A02FCE50
CAT-QuickHeal 8.00 11.22.2006 (Suspicious) - DNAScan
[COLOR=#ff0000]ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found[/COLOR]
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
[COLOR=#ff0000]eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found[/COLOR]
Fortinet 2.82.0.0 11.22.2006 suspicious
[COLOR=#ff0000]F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found[/COLOR]
Norman 5.80.02 11.22.2006 Suspicious_F.gen
Panda 9.0.0.4 11.21.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 11.22.2006 no virus found[/COLOR]
Sophos 4.11.0 11.16.2006 Mal/Packer
[COLOR=#ff0000]TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found[/COLOR]
VBA32 3.11.1 11.22.2006 MalwareScope.Trojan-PSW.LdPinch.2
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.22.2006 no virus found[/COLOR]
Aditional Information
File size: 121717 bytes
MD5: 016f1fa3ee8ca1a7fc29a3ffe993e45f
SHA1: dcffd90b0a48d1c314a3ecf3fd7261ae7dadff97
packers: FSG
packers: FSG
-
A fresh one (arrived via IM)
Complete scanning result of "pics.pif", received in VirusTotal at 11.22.2006, 17:24:36 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 could be a corrupted executable file
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.22.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.22.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found
Norman 5.80.02 11.22.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.22.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found
Aditional Information
File size: 25612 bytes
MD5: da62d0c1800aec4793fcf98f47440d2b
SHA1: 158ff737f2d1958b873e9927b58cfca963584f97
-
Oh, the Dr.Web online scanner already detects it as: Win32.HLLM.Limar
-
Complete scanning result of "7exssd32.o.exe", received in VirusTotal at 11.23.2006, 00:05:21 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 TR/Medbod.B
Authentium 4.93.8 11.22.2006 W32/Downloader.gen8
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 Trojan.Medbod.B
CAT-QuickHeal 8.00 11.22.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.22.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 W32/Downloader.gen8
F-Prot4 4.2.1.29 11.22.2006 W32/Downloader.gen8
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4902 11.22.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1878 11.22.2006 no virus found
Norman 5.80.02 11.22.2006 no virus found
Panda 9.0.0.4 11.22.2006 Suspicious file
Prevx1 V2 11.23.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Behav-080
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.22.2006 no virus found
VBA32 3.11.1 11.22.2006 MalwareScope.Trojan-Proxy.Horst.3
VirusBuster 4.3.15:9 11.22.2006 no virus found
Aditional Information
File size: 23552 bytes
MD5: 3e73d3ce4bfc9668dcfe9180c561f7f3
SHA1: 7185b9d35bbb8a04b2411caf85abbea9d89034c0
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "load.exe", received in VirusTotal at 11.24.2006, 23:54:40 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
BitDefender 7.2 11.24.2006 DeepScan:Generic.Malware.SFMBdldg.751FED43
CAT-QuickHeal 8.00 11.24.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.24.2006 no virus found
DrWeb 4.33 11.24.2006 no virus found
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.66 11.23.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
Fortinet 2.82.0.0 11.24.2006 suspicious
F-Prot 3.16f 11.24.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
F-Prot4 4.2.1.29 11.24.2006 generic
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.24.2006 Trojan-Dropper.Win32.Agent.ays
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.24.2006 no virus found
NOD32v2 1882 11.24.2006 probably a variant of Win32/Spy.Small.DP
Norman 5.80.02 11.24.2006 W32/Smalltroj.NWF.dropper
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 suspected of Backdoor.xBot.1 (paranoid heuristics)
VirusBuster 4.3.15:9 11.24.2006 no virus found
Aditional Information
File size: 26276 bytes
MD5: 1f38950478ae888a2cf472c8071ba75a
SHA1: 7d6ddb62702f7438a75d9b7b3c7e425744992a3f
packers: embedded
[url]www.virusinfo.info/showthread.php?goto=newpost&t=6901[/url]
-
Complete scanning result of "robik.rar", received in VirusTotal at 11.25.2006, 00:23:18 (CET).
Antivirus Version Update Result
[b]AntiVir 7.2.0.46 11.24.2006 TR/PSW.LdPinch.bde[/b]
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
[b]BitDefender 7.2 11.24.2006 DeepScan:Generic.Dialer.ACD567A2[/b]
[b]CAT-QuickHeal 8.00 11.24.2006 (Suspicious) - DNAScan[/b]
ClamAV devel-20060426 11.24.2006 no virus found
DrWeb 4.33 11.24.2006 no virus found
[b]eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm[/b]
eTrust-InoculateIT 23.73.66 11.23.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
[b]Fortinet 2.82.0.0 11.24.2006 W32/LdPinch.BDE!tr.pws[/b]
F-Prot 3.16f 11.24.2006 no virus found
[b]F-Prot4 4.2.1.29 11.24.2006 generic[/b]
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.24.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.24.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
[b]VBA32 3.11.1 11.24.2006 MalwareScope.Trojan-PSW.LdPinch.1[/b]
VirusBuster 4.3.15:9 11.24.2006 no virus found
Aditional Information
File size: 64426 bytes
MD5: a888d8c51f5c595533c918fc3290b909
SHA1: 217577bb73e56f93c4c229a4a8ec03eb1c549419
-
Complete scanning result of "10032_mmdust.exe", received in VirusTotal at 11.25.2006, 12:00:19 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
BitDefender 7.2 11.25.2006 no virus found
CAT-QuickHeal 8.00 11.24.2006 no virus found
ClamAV devel-20060426 11.25.2006 Trojan.Mmust
DrWeb 4.33 11.25.2006 Win32.HLLP.MMDust
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
Fortinet 2.82.0.0 11.25.2006 no virus found
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.25.2006 Virus.Win32.Merin.a
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found
[B]NOD32v2 1882 11.24.2006 no virus found[/B]
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 Worm.Renama
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 no virus found
VirusBuster 4.3.15:9 11.24.2006 no virus found
Aditional Information
File size: 11776 bytes
MD5: ae898f7dabd29ec8aa4ef8924bbdb46f
SHA1: d207b440db1d1bf77c607867ff4d44f3dfae3d4c
packers: UPX
packers: UPX
It can be downloaded from [url]http://www.freeware.ru/program_prog_id_10032.html[/url].
-
Complete scanning result of "[b]Latinas.exe[/b]", received in VirusTotal at 11.25.2006, 16:11:51 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.46 11.24.2006 DIAL/302366
[COLOR="#ff0000"]Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found[/COLOR]
AVG 386 11.25.2006 Potentially harmful program Dialer.DGK
BitDefender 7.2 11.25.2006 Dialer.Porn.Hcon.A
[COLOR="#ff0000"]CAT-QuickHeal 8.00 11.25.2006 no virus found[/COLOR]
ClamAV devel-20060426 11.25.2006 Dialer-715
[COLOR="#ff0000"]DrWeb 4.33 11.25.2006 no virus found[/COLOR]
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
[COLOR="#ff0000"]eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found[/COLOR]
Ewido 4.0 11.25.2006 Dialer.CapreDeam.r
Fortinet 2.82.0.0 11.25.2006 Dial/Dialer
[COLOR="#ff0000"]F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found[/COLOR]
Kaspersky 4.0.2.24 11.25.2006 not-a-virus:Porn-Dialer.Win32.CapreDeam.r
[COLOR="#ff0000"]McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found[/COLOR]
NOD32v2 1882 11.24.2006 probably a variant of Win32/Dialer.CDDial
Norman 5.80.02 11.24.2006 W32/Dialer.AYVN
Panda 9.0.0.4 11.25.2006 Dialer.IKV
[COLOR="#ff0000"]Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found[/COLOR]
TheHacker 6.0.3.123 11.23.2006 Trojan/Dialer.CapreDeam.r
UNA 1.83 11.24.2006 Dialer.CapreDeam.9B67
VBA32 3.11.1 11.24.2006 Porn-Dialer.Win32.CapreDeam.r
[COLOR="#ff0000"]VirusBuster 4.3.15:9 11.25.2006 no virus found[/COLOR]
Aditional Information
File size: 96936 bytes
MD5: 0227f4f4aff0cec56e45f662812285fc
SHA1: 8df449e5cd2110e5db3d41a762ad1868a83a6351
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "y.exe", received in VirusTotal at 11.25.2006, 16:24:05 (CET).
[i]Antivirus Version Update Result[/i]
[COLOR="#ff0000"]AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.25.2006 no virus found
BitDefender 7.2 11.25.2006 no virus found
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.25.2006 no virus found
eSafe 7.0.14.0 11.24.2006 no virus found
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.25.2006 no virus found
Fortinet 2.82.0.0 11.25.2006 no virus found
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.25.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found[/COLOR]
Panda 9.0.0.4 11.25.2006 Suspicious file
[COLOR="#ff0000"]Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found[/COLOR]
VBA32 3.11.1 11.24.2006 suspected of Trojan-PSW.LdPinch.8 (paranoid heuristics)
[COLOR="#ff0000"]VirusBuster 4.3.15:9 11.25.2006 no virus found[/COLOR]
Aditional Information
File size: 58368 bytes
MD5: 4ac5674a5dbe8d5463b29f49391408a3
SHA1: e113da8580000de81bc334a2fa62330144af4dd7
-
File [b]Аффтар_жжот.exe[/b]
Complete scanning result of "___1040", received in VirusTotal at 11.26.2006, 10:18:30 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.46 11.25.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.892.0 11.23.2006 Win32:Ldpinch-GH
[COLOR=#ff0000]AVG 386 11.25.2006 no virus found[/COLOR]
BitDefender 7.2 11.26.2006 DeepScan:Generic.Dialer.70C62169
CAT-QuickHeal 8.00 11.25.2006 (Suspicious) - DNAScan
[COLOR=#ff0000]ClamAV devel-20060426 11.25.2006 no virus found[/COLOR]
DrWeb 4.33 11.25.2006 Trojan.PWS.LDPinch.1314
[COLOR=#ff0000]eSafe 7.0.14.0 11.24.2006 no virus found
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.25.2006 no virus found[/COLOR]
Fortinet 2.82.0.0 11.26.2006 suspicious
F-Prot 3.16f 11.24.2006 Possibly a new variant of W32/new-malware!Maximus
F-Prot4 4.2.1.29 11.24.2006 W32/new-malware!Maximus
Ikarus 0.2.65.0 11.24.2006 Backdoor.Win32.Ciadoor.13
[COLOR=#ff0000]Kaspersky 4.0.2.24 11.26.2006 no virus found
McAfee 4904 11.24.2006 no virus found[/COLOR]
Microsoft 1.1804 11.26.2006 Win32/Ldpinch
[COLOR=#ff0000]NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found[/COLOR]
Panda 9.0.0.4 11.25.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 11.26.2006 no virus found[/COLOR]
Sophos 4.11.0 11.16.2006 Mal/Packer
[COLOR=#ff0000]TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found[/COLOR]
VBA32 3.11.1 11.25.2006 MalwareScope.Trojan-PSW.LdPinch.1
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.25.2006 no virus found[/COLOR]
Aditional Information
File size: 59357 bytes
MD5: 2b2a7a248e223792c3b685098eb00cc1
SHA1: 21757f85d69c2ba260d4d13b1a17b80fc3e33418
packers: FSG
packers: FSG
-
scanning result of "Update-KB2718-x86.zip", received in VirusTotal at 11.27.2006, 06:02:07 (CET).
Antivirus Version Update Result
[b]AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted[/b]
[b]Authentium 4.93.8 11.24.2006 W32/Warezov.gen3!W32DL[/b]
Avast 4.7.892.0 11.23.2006 no virus found
[b]AVG 386 11.27.2006 I-Worm/Stration[/b]
[b]BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.72D1AE53[/b]
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
[b]eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm[/b]
[b]eTrust-InoculateIT 23.73.67 11.25.2006 Win32/Stration!ZIP!Worm[/b]
[b]eTrust-Vet 30.3.3211 11.24.2006 Win32/Stration!ZIP!generic[/b]
Ewido 4.0 11.26.2006 no virus found
[b]Fortinet 2.82.0.0 11.27.2006 W32/Stration.DS@mm[/b]
[b]F-Prot 3.16f 11.24.2006 W32/Warezov.gen3!W32DL[/b]
[b]F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen3!W32DL[/b]
Ikarus 0.2.65.0 11.24.2006 no virus found
[b]Kaspersky 4.0.2.24 11.27.2006 Email-Worm.Win32.Warezov.ha[/b]
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 Suspicious file
Prevx1 V2 11.27.2006 no virus found
[b]Sophos 4.11.0 11.16.2006 W32/Stratio-Zip[/b]
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found
Aditional Information
File size: 18989 bytes
MD5: 1be8e6c16ee5145a540b877958d4dd6b
SHA1: 5ce971c17ba4064aca5b84bc571878ffc61a7a76
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "Update-KB9890-x86.exe", received in VirusTotal at 11.27.2006, 06:18:18 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 W32/Warezov.gen3!W32DL
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.27.2006 I-Worm/Stration
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.780D6248
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 W32/Stration.DS@mm
F-Prot 3.16f 11.24.2006 W32/Warezov.gen3!W32DL
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen3!W32DL
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.27.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 Suspicious file
Prevx1 V2 11.27.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found
Aditional Information
File size: 21028 bytes
MD5: c7adbfabd6b2ab7bb88d9103de731d52
SHA1: ea5fb290dcd89c9560c67b8c40ab7495d2599650
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
STATUS: FINISHED
Complete scanning result of "__1056", received in VirusTotal at 11.27.2006, 11:45:20 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.27.2006 Worm/Stration.H
Authentium 4.93.8 11.24.2006 W32/Warezov.gen4
Avast 4.7.892.0 11.27.2006 no virus found
AVG 386 11.27.2006 no virus found
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.25B4D41B
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.27.2006 no virus found
DrWeb 4.33 11.27.2006 Win32.HLLM.Limar
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.68 11.27.2006 Win32/Stration.Variant!Worm
eTrust-Vet 30.3.3217 11.27.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 suspicious
F-Prot 3.16f 11.24.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen4
Ikarus 0.2.65.0 11.27.2006 no virus found
Kaspersky 4.0.2.24 11.27.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1884 11.27.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.27.2006 W32/Malware
Panda 9.0.0.4 11.26.2006 no virus found
Prevx1 V2 11.27.2006 Worm.Warezov.Gen
Sophos 4.11.0 11.16.2006 W32/Strati-Gen
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.15:9 11.27.2006 Trojan.Opnis.Gen.29
Aditional Information
File size: 63488 bytes
MD5: ea5d7c90ed6963ad01454ea3bd31a6d7
SHA1: 5f1ecc30f76f22e59f44c47cbc85b42dc16b306e
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email][email protected][/email] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* Creating several executable files on hard-drive.
* File length: 63488 bytes.
[ Changes to filesystem ]
* Creates file C:\windows\system32\cfgmwmid.exe.
* Creates file C:\WINDOWS\SYSTEM32\olecmsre.dll.
* Creates file C:\WINDOWS\SYSTEM32\oaklrass.exe.
* Creates file C:\WINDOWS\SYSTEM32 tlamsht.dll.
* Creates file C:\WINDOWS\SYSTEM32\e1.dll.
[ Changes to registry ]
* Creates value "cfgmwmid"="c:\windows\system32\cfgmwmid.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
[ Changes to system settings ]
* Creates WindowsHook monitoring cbt activity.
[ Process/window information ]
* Creates an event called ZAAllowEvent.
* Creates an event called SGAllowEvent.
* Creates an event called NISAllowEvent.
* Creates an event called OPAllowEvent.
* Creates an event called MAAllowEvent2.
* Attempts to access service "vsmon".
* Creates an event called ActiveZA.
* Attempts to access service "SmcService".
* Creates an event called ActiveSG.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "Symantec Core LC".
* Creates an event called ActiveNIS.
* Attempts to access service "OutpostFirewall".
* Creates an event called ActiveOP.
* Attempts to access service "MpfService".
* Creates an event called ActiveMA.
* Attempts to access service "WinRoute".
* Will automatically restart after boot (I'll be back...).
* Enumerates running processes.
* Modifies other process memory.
* Creates a remote thread.
-
Complete scanning result of "setup.exe", received in VirusTotal at 11.28.2006, 01:10:29 (CET).
Antivirus Version Update Result
[B]AntiVir 7.2.0.46 11.27.2006 HEUR/Malware[/B]
Authentium 4.93.8 11.27.2006 no virus found
Avast 4.7.892.0 11.27.2006 no virus found
[B]AVG 386 11.27.2006 Proxy.25.AO[/B]
[B]BitDefender 7.2 11.28.2006 DeepScan:Generic.Horst.4D66057B[/B]
CAT-QuickHeal 8.00 11.27.2006 no virus found
ClamAV devel-20060426 11.27.2006 no virus found
DrWeb 4.33 11.27.2006 no virus found
[B]eSafe 7.0.14.0 11.27.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.69 11.28.2006 no virus found
eTrust-Vet 30.3.3217 11.27.2006 no virus found
Ewido 4.0 11.27.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 no virus found
F-Prot 3.16f 11.27.2006 no virus found
F-Prot4 4.2.1.29 11.27.2006 no virus found
Ikarus 0.2.65.0 11.27.2006 no virus found
Kaspersky 4.0.2.24 11.28.2006 no virus found
McAfee 4905 11.27.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
[B]NOD32v2 1886 11.27.2006 probably a variant of Win32/Medbot.DC[/B]
[B]Norman 5.80.02 11.27.2006 W32/Malware[/B]
[B]Panda 9.0.0.4 11.27.2006 Suspicious file[/B]
Prevx1 V2 11.28.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.27.2006 no virus found
VBA32 3.11.1 11.27.2006 no virus found
VirusBuster 4.3.15:9 11.27.2006 no virus found
Aditional Information
File size: 35840 bytes
MD5: 3b881fb47ef62340dfb4eab692722532
SHA1: 52a8ecae75e6c54dd3e2221aa4ba20d0e3d21fbe
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email][email protected][/email] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 35840 bytes.
[ Process/window information ]
* Modifies other process memory.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "kavsvc".
* Attempts to access service "SAVScan".
* Attempts to access service "Symantec Core LC".
* Attempts to access service "navapsvc".
* Attempts to access service "wuauserv".
* Attempts to access service "KAVPersonal50".
* Disables security related services.
-
STATUS: FINISHED
Complete scanning result of "ogysteo.exe", received in VirusTotal at 11.28.2006, 22:00:01 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.28.2006 TR/Proxy.Small.DU.16
Authentium 4.93.8 11.27.2006 could be infected with an unknown virus
Avast 4.7.892.0 11.28.2006 no virus found
AVG 386 11.28.2006 Generic2.KKL
BitDefender 7.2 11.28.2006 no virus found
CAT-QuickHeal 8.00 11.28.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.28.2006 no virus found
DrWeb 4.33 11.28.2006 Trojan.Spambot
eSafe 7.0.14.0 11.28.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.69 11.28.2006 no virus found
eTrust-Vet 30.3.3219 11.28.2006 no virus found
Ewido 4.0 11.28.2006 no virus found
Fortinet 2.82.0.0 11.28.2006 suspicious
F-Prot 3.16f 11.27.2006 could be infected with an unknown virus
F-Prot4 4.2.1.29 11.27.2006 generic
Ikarus 0.2.65.0 11.28.2006 no virus found
Kaspersky 4.0.2.24 11.28.2006 Trojan-Proxy.Win32.Small.du
McAfee 4906 11.28.2006 no virus found
Microsoft 1.1804 11.28.2006 no virus found
NOD32v2 1887 11.28.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.28.2006 no virus found
Panda 9.0.0.4 11.28.2006 Suspicious file
Prevx1 V2 11.28.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.28.2006 no virus found
VBA32 3.11.1 11.28.2006 no virus found
VirusBuster 4.3.15:9 11.28.2006 no virus found
STATUS: FINISHED
Complete scanning result of "avz00003.dta", received in VirusTotal at 11.28.2006, 22:00:31 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.28.2006 no virus found
Authentium 4.93.8 11.27.2006 no virus found
Avast 4.7.892.0 11.28.2006 no virus found
AVG 386 11.28.2006 no virus found
BitDefender 7.2 11.28.2006 no virus found
CAT-QuickHeal 8.00 11.28.2006 no virus found
ClamAV devel-20060426 11.28.2006 no virus found
DrWeb 4.33 11.28.2006 no virus found
eSafe 7.0.14.0 11.28.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.69 11.28.2006 no virus found
eTrust-Vet 30.3.3219 11.28.2006 no virus found
Ewido 4.0 11.28.2006 no virus found
Fortinet 2.82.0.0 11.28.2006 suspicious
F-Prot 3.16f 11.27.2006 no virus found
F-Prot4 4.2.1.29 11.27.2006 no virus found
Ikarus 0.2.65.0 11.28.2006 no virus found
Kaspersky 4.0.2.24 11.28.2006 SpamTool.Win32.Agent.t
McAfee 4906 11.28.2006 no virus found
Microsoft 1.1804 11.28.2006 no virus found
NOD32v2 1887 11.28.2006 no virus found
Norman 5.80.02 11.28.2006 no virus found
Panda 9.0.0.4 11.28.2006 Suspicious file
Prevx1 V2 11.28.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.28.2006 no virus found
VBA32 3.11.1 11.28.2006 suspected of Email-Worm.Mydoom.3 (paranoid heuristics)
VirusBuster 4.3.15:9 11.28.2006 no virus found
STATUS: FINISHED
Complete scanning result of "avz00002.dta", received in VirusTotal at 11.28.2006, 22:01:31 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.28.2006 no virus found
Authentium 4.93.8 11.27.2006 no virus found
Avast 4.7.892.0 11.28.2006 Win32:Trojano-CS
AVG 386 11.28.2006 no virus found
BitDefender 7.2 11.28.2006 no virus found
CAT-QuickHeal 8.00 11.28.2006 no virus found
ClamAV devel-20060426 11.28.2006 no virus found
DrWeb 4.33 11.28.2006 no virus found
eSafe 7.0.14.0 11.28.2006 no virus found
eTrust-InoculateIT 23.73.69 11.28.2006 no virus found
eTrust-Vet 30.3.3219 11.28.2006 no virus found
Ewido 4.0 11.28.2006 no virus found
Fortinet 2.82.0.0 11.28.2006 no virus found
F-Prot 3.16f 11.27.2006 no virus found
F-Prot4 4.2.1.29 11.27.2006 no virus found
Ikarus 0.2.65.0 11.28.2006 no virus found
Kaspersky 4.0.2.24 11.28.2006 SpamTool.Win32.Agent.t
McAfee 4906 11.28.2006 no virus found
Microsoft 1.1804 11.28.2006 no virus found
NOD32v2 1887 11.28.2006 no virus found
Norman 5.80.02 11.28.2006 no virus found
Panda 9.0.0.4 11.28.2006 Suspicious file
Prevx1 V2 11.28.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.28.2006 SpamTool.Win32.Agent.F918
VBA32 3.11.1 11.28.2006 suspected of Email-Worm.Mydoom.3 (paranoid heuristics)
VirusBuster 4.3.15:9 11.28.2006 no virus found
:)
-
Complete scanning result of "[b]sex_girl_porno.exe[/b]", received in VirusTotal at 11.30.2006, 19:58:50 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.46 11.30.2006 HEUR/Crypted
[COLOR=#ff0000]Authentium 4.93.8 11.30.2006 no virus found
Avast 4.7.892.0 11.30.2006 no virus found
AVG 386 11.30.2006 no virus found[/COLOR]
BitDefender 7.2 11.30.2006 DeepScan:Generic.PWStealer.CE74FB38
CAT-QuickHeal 8.00 11.30.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.30.2006 Trojan.Dropper.Agent-106
DrWeb 4.33 11.30.2006 Trojan.PWS.LDPinch.1217
eSafe 7.0.14.0 11.30.2006 Suspicious Trojan/Worm
[COLOR=#ff0000]eTrust-InoculateIT 23.73.72 11.29.2006 no virus found
eTrust-Vet 30.3.3223 11.30.2006 no virus found
Ewido 4.0 11.30.2006 no virus found
Fortinet 2.82.0.0 11.30.2006 no virus found
F-Prot 3.16f 11.30.2006 no virus found
F-Prot4 4.2.1.29 11.30.2006 no virus found
Ikarus 0.2.65.0 11.30.2006 no virus found
Kaspersky 4.0.2.24 11.30.2006 no virus found
McAfee 4908 11.30.2006 no virus found[/COLOR]
Microsoft 1.1804 11.30.2006 Win32/Ldpinch
[COLOR=#ff0000]NOD32v2 1892 11.30.2006 no virus found
Norman 5.80.02 11.30.2006 no virus found[/COLOR]
Panda 9.0.0.4 11.30.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 11.30.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.126 11.29.2006 no virus found
UNA 1.83 11.30.2006 no virus found[/COLOR]
VBA32 3.11.1 11.30.2006 MalwareScope.Trojan-PSW.LdPinch.1
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.30.2006 no virus found[/COLOR]
Aditional Information
File size: 32256 bytes
MD5: efaee5e926a09506b80ef5fb3de7c757
SHA1: 79dd5e7b32f6de79730503c80a58227a23c2ded9
packers: PECOMPACT
packers: PecBundle, PECompact
-
Complete scanning result of "[b]porno.exe[/b]", received in VirusTotal at 11.30.2006, 20:24:54 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.46 11.30.2006 HEUR/Crypted
Authentium 4.93.8 11.30.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
[COLOR=#ff0000]Avast 4.7.892.0 11.30.2006 no virus found
AVG 386 11.30.2006 no virus found
BitDefender 7.2 11.30.2006 no virus found[/COLOR]
CAT-QuickHeal 8.00 11.30.2006 (Suspicious) - DNAScan
[COLOR=#ff0000]ClamAV devel-20060426 11.30.2006 no virus found
DrWeb 4.33 11.30.2006 no virus found
eSafe 7.0.14.0 11.30.2006 no virus found
eTrust-InoculateIT 23.73.72 11.29.2006 no virus found
eTrust-Vet 30.3.3223 11.30.2006 no virus found
Ewido 4.0 11.30.2006 no virus found[/COLOR]
Fortinet 2.82.0.0 11.30.2006 suspicious
F-Prot 3.16f 11.30.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4 4.2.1.29 11.30.2006 W32/Threat-HLLSI-based!Maximus
[COLOR=#ff0000]Ikarus 0.2.65.0 11.30.2006 no virus found
Kaspersky 4.0.2.24 11.30.2006 no virus found
McAfee 4908 11.30.2006 no virus found
Microsoft 1.1804 11.30.2006 no virus found
NOD32v2 1892 11.30.2006 no virus found
Norman 5.80.02 11.30.2006 no virus found[/COLOR]
Panda 9.0.0.4 11.30.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 11.30.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.126 11.29.2006 no virus found
UNA 1.83 11.30.2006 no virus found[/COLOR]
VBA32 3.11.1 11.30.2006 MalwareScope.Trojan-PSW.LdPinch.1
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.30.2006 no virus found[/COLOR]
Aditional Information
File size: 14117 bytes
MD5: 612f6149668f3d868b7ea4ce44ab0840
SHA1: 607488ca2164627a9828c9d28eba71afb10f4481
packers: FSG
packers: FSG
-
Complete scanning result of "[b]Smoking.exe[/b]", received in VirusTotal at 12.01.2006, 15:23:24 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.46 12.01.2006 HEUR/Crypted
[COLOR=#ff0000]Authentium 4.93.8 11.30.2006 no virus found[/COLOR]
Avast 4.7.892.0 12.01.2006 Win32:Ldpinch-AH
[COLOR=#ff0000]AVG 386 12.01.2006 no virus found
BitDefender 7.2 12.01.2006 no virus found
CAT-QuickHeal 8.00 11.30.2006 no virus found
ClamAV devel-20060426 12.01.2006 no virus found[/COLOR]
DrWeb 4.33 12.01.2006 BACKDOOR.PWS.Trojan
eSafe 7.0.14.0 11.30.2006 suspicious Trojan/Worm
[COLOR=#ff0000]eTrust-InoculateIT 23.73.73 12.01.2006 no virus found
eTrust-Vet 30.3.3225 12.01.2006 no virus found
Ewido 4.0 12.01.2006 no virus found
Fortinet 2.82.0.0 12.01.2006 no virus found
F-Prot 3.16f 11.30.2006 no virus found
F-Prot4 4.2.1.29 11.30.2006 no virus found
Ikarus 0.2.65.0 12.01.2006 no virus found
Kaspersky 4.0.2.24 12.01.2006 no virus found
McAfee 4908 11.30.2006 no virus found
Microsoft 1.1804 12.01.2006 no virus found[/COLOR]
NOD32v2 1892 11.30.2006 a variant of Win32/PSW.LdPinch.RG
[COLOR=#ff0000]Norman 5.80.02 12.01.2006 no virus found[/COLOR]
Panda 9.0.0.4 12.01.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 12.01.2006 no virus found
Sophos 4.12.0 12.01.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.127 12.01.2006 no virus found
UNA 1.83 11.30.2006 no virus found[/COLOR]
VBA32 3.11.1 11.30.2006 MalwareScope.Trojan-PSW.LdPinch.1
[COLOR=#ff0000]VirusBuster 4.3.15:9 11.30.2006 no virus found[/COLOR]
Aditional Information
File size: 172544 bytes
MD5: 85c75dbf1e460d11249d038244767798
SHA1: 7e2c9aef24cc213be92f2227dd8d0f44a22f760f
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
File: Поговорим-ка_v2.1.exe
Status: INFECTED/MALWARE
MD5 5c97a32f094c8dba7380749bf555cb9a
Packers detected: NSPACK
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found BehavesLike:Trojan.FirewallBypass (probable variant)
ClamAV Found nothing
Dr.Web Found Trojan.PWS.LDPinch.1338
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Dropper.Win32.Agent.azx
NOD32 Found nothing
Norman Virus Control Found nothing
VirusBuster Found nothing
VBA32 Found Trojan.MulDrop.4393
-
Complete scanning result of "new_version_stration_.rar", received in VirusTotal at 12.05.2006, 06:07:05 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 12.04.2006 TR/Dldr.Stration.Gen
Authentium 4.93.8 12.04.2006 W32/Warezov.gen4
Avast 4.7.892.0 12.04.2006 no virus found
AVG 386 12.05.2006 I-Worm/Stration
BitDefender 7.2 12.05.2006 Win32.Warezov.FF@mm
CAT-QuickHeal 8.00 12.04.2006 no virus found
ClamAV devel-20060426 12.05.2006 Worm.Stration.WZ
DrWeb 4.33 12.04.2006 no virus found
eSafe 7.0.14.0 12.03.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.76 12.05.2006 no virus found
eTrust-Vet 30.3.3230 12.04.2006 no virus found
Ewido 4.0 12.04.2006 no virus found
Fortinet 2.82.0.0 12.05.2006 W32/Stration.DS@mm
F-Prot 3.16f 12.04.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 12.04.2006 W32/Warezov.gen3!W32DL
Ikarus 1.0.26 12.04.2006 Email-Worm.Win32.Warezov.gen
Kaspersky 4.0.2.24 12.05.2006 no virus found
McAfee 4910 12.04.2006 no virus found
Microsoft 1.1804 12.05.2006 no virus found
NOD32v2 1900 12.05.2006 a variant of Win32/Stration
Norman 5.80.02 12.04.2006 no virus found
Panda 9.0.0.4 12.03.2006 no virus found
Prevx1 V2 12.05.2006 no virus found
Sophos 4.12.0 12.04.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.128 12.04.2006 no virus found
UNA 1.83 12.04.2006 no virus found
VBA32 3.11.1 12.04.2006 no virus found
VirusBuster 4.3.15:9 12.04.2006 no virus found
Aditional Information
File size: 28098 bytes
MD5: 206bd01c2093cd76b496cc477188f938
SHA1: 000133c1969ff6e3e52c65c8c140976ba4b045bc
packers: UPX
packers: UPX
packers: UPX
packers: UPX, embedded
-
Complete scanning result of "new_virus.rar", received in VirusTotal at 12.05.2006, 11:57:17 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 12.05.2006 TR/Dldr.Stration.Gen
Authentium 4.93.8 12.04.2006 W32/Warezov.gen4
Avast 4.7.892.0 12.05.2006 Win32:Warezov-QS
AVG 386 12.05.2006 I-Worm/Stration
BitDefender 7.2 12.05.2006 Dropped:Win32.Warezov.DO@mm
CAT-QuickHeal 8.00 12.04.2006 no virus found
ClamAV devel-20060426 12.05.2006 Worm.Stration.XB
DrWeb 4.33 12.05.2006 Win32.HLLM.Limar.based
eSafe 7.0.14.0 12.03.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.76 12.05.2006 no virus found
eTrust-Vet 30.3.3232 12.05.2006 no virus found
Ewido 4.0 12.04.2006 no virus found
Fortinet 2.82.0.0 12.05.2006 W32/Stration.DS@mm
F-Prot 3.16f 12.04.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 12.04.2006 W32/Warezov.gen3!W32DL
Ikarus T3.1.0.26 12.04.2006 Email-Worm.Win32.Warezov.gen
Kaspersky 4.0.2.24 12.05.2006 no virus found
McAfee 4910 12.04.2006 no virus found
Microsoft 1.1804 12.05.2006 no virus found
NOD32v2 1901 12.05.2006 a variant of Win32/Stration
Norman 5.80.02 12.04.2006 no virus found
Panda 9.0.0.4 12.05.2006 no virus found
Prevx1 V2 12.05.2006 no virus found
Sophos 4.12.0 12.04.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.129 12.05.2006 no virus found
UNA 1.83 12.04.2006 no virus found
VBA32 3.11.1 12.05.2006 Email-Worm.Win32.Warezov.fb
VirusBuster 4.3.15:9 12.05.2006 no virus found
Aditional Information
File size: 28019 bytes
MD5: 0540ecb170ffc420ed78352ffc0a796a
SHA1: 44c51bfce5cf5c43fca58bc2af478bb57c13c598
packers: UPX
packers: UPX
packers: UPX
packers: UPX
packers: UPX, embedded
-
Complete scanning result of "setup.rar", received in VirusTotal at 12.05.2006, 18:23:52 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.05.2006 no virus found
[B]Authentium 4.93.8 12.04.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.05.2006 no virus found
AVG 386 12.05.2006 no virus found
[B]BitDefender 7.2 12.05.2006 DeepScan:Generic.Horst.7162EBF0[/B]
CAT-QuickHeal 8.00 12.05.2006 no virus found
[B]ClamAV devel-20060426 12.05.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.05.2006 no virus found
[B]eSafe 7.0.14.0 12.03.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.76 12.05.2006 no virus found
eTrust-Vet 30.3.3232 12.05.2006 no virus found
Ewido 4.0 12.05.2006 no virus found
Fortinet 2.82.0.0 12.05.2006 no virus found
[B]F-Prot 3.16f 12.04.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.04.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.05.2006 no virus found
Kaspersky 4.0.2.24 12.05.2006 no virus found
McAfee 4911 12.05.2006 no virus found
Microsoft 1.1804 12.05.2006 no virus found
NOD32v2 1902 12.05.2006 no virus found
Norman 5.80.02 12.05.2006 no virus found
[B]Panda 9.0.0.4 12.05.2006 Suspicious file[/B]
Prevx1 V2 12.05.2006 no virus found
[B]Sophos 4.12.0 12.04.2006 Mal/Behav-080[/B]
Sunbelt 2.2.907.0 11.30.2006 no virus found
[B]TheHacker 6.0.3.129 12.05.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.04.2006 no virus found
[B]VBA32 3.11.1 12.05.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.05.2006 no virus found
Aditional Information
File size: 42447 bytes
MD5: ee7b10cc7b235464c1b04cd5496b8e9a
SHA1: 6bb14eac48de8a4a7e3e8c9f556ebcee855eaf49
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "[b]NEW_WinRAR_KG3.61.exe[/b]", received in VirusTotal at 12.06.2006, 07:39:00 (CET).
[i]Antivirus Version Update Result[/i]
[COLOR=#ff0000]AntiVir 7.2.0.49 12.06.2006 no virus found
Authentium 4.93.8 12.05.2006 no virus found
Avast 4.7.892.0 12.05.2006 no virus found
AVG 386 12.05.2006 no virus found
BitDefender 7.2 12.06.2006 no virus found[/COLOR]
CAT-QuickHeal 8.00 12.05.2006 (Suspicious) - DNAScan
[COLOR=#ff0000]ClamAV devel-20060426 12.06.2006 no virus found[/COLOR]
DrWeb 4.33 12.05.2006 Trojan.MulDrop.4153
eSafe 7.0.14.0 12.03.2006 Win32.Polipos.sus
[COLOR=#ff0000]eTrust-InoculateIT 23.73.78 12.06.2006 no virus found
eTrust-Vet 30.3.3234 12.06.2006 no virus found
Ewido 4.0 12.05.2006 no virus found[/COLOR]
Fortinet 2.82.0.0 12.06.2006 suspicious
[COLOR=#ff0000]F-Prot 3.16f 12.05.2006 no virus found
F-Prot4 4.2.1.29 12.05.2006 no virus found
Ikarus T3.1.0.26 12.05.2006 no virus found
Kaspersky 4.0.2.24 12.06.2006 no virus found
McAfee 4911 12.05.2006 no virus found
Microsoft 1.1804 12.06.2006 no virus found
NOD32v2 1903 12.05.2006 no virus found
Norman 5.80.02 12.05.2006 no virus found[/COLOR]
Panda 9.0.0.4 12.06.2006 Suspicious file
[COLOR=#ff0000]Prevx1 V2 12.06.2006 no virus found
Sophos 4.12.0 12.05.2006 no virus found[/COLOR]
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
[COLOR=#ff0000]TheHacker 6.0.3.129 12.05.2006 no virus found
UNA 1.83 12.05.2006 no virus found[/COLOR]
VBA32 3.11.1 12.05.2006 suspected of Trojan-PSW.LdPinch.38 (paranoid heuristics)
[COLOR=#ff0000]VirusBuster 4.3.15:9 12.05.2006 no virus found[/COLOR]
Aditional Information
File size: 189952 bytes
MD5: 9198d755fcfb18f1a92f083635af07cb
SHA1: ac6d98b208e3378d072ff296d7e8dbcc47dde955
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
Complete scanning result of "setup.exe", received in VirusTotal at 12.06.2006, 18:07:32 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.06.2006 no virus found
[B]Authentium 4.93.8 12.05.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.06.2006 no virus found
AVG 386 12.06.2006 no virus found
[B]BitDefender 7.2 12.06.2006 DeepScan:Generic.Horst.831BFB7F[/B]
CAT-QuickHeal 8.00 12.05.2006 no virus found
[B]ClamAV devel-20060426 12.06.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.06.2006 no virus found
[B]eSafe 7.0.14.0 12.06.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.78 12.06.2006 no virus found
eTrust-Vet 30.3.3234 12.06.2006 no virus found
Ewido 4.0 12.06.2006 no virus found
Fortinet 2.82.0.0 12.06.2006 no virus found
[B]F-Prot 3.16f 12.05.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.05.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.05.2006 no virus found
Kaspersky 4.0.2.24 12.06.2006 no virus found
McAfee 4911 12.05.2006 no virus found
Microsoft 1.1804 12.06.2006 no virus found
NOD32v2 1904 12.06.2006 no virus found
[B]Norman 5.80.02 12.05.2006 W32/Malware
Panda 9.0.0.4 12.06.2006 Suspicious file[/B]
Prevx1 V2 12.06.2006 no virus found
[B]Sophos 4.12.0 12.06.2006 Mal/Behav-080[/B]
Sunbelt 2.2.907.0 11.30.2006 no virus found
[B]TheHacker 6.0.3.130 12.06.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.05.2006 no virus found
[B]VBA32 3.11.1 12.05.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.05.2006 no virus found
Aditional Information
File size: 44544 bytes
MD5: 0667b2142eae7afe013cad02fbbbb5ce
SHA1: 3847537d3e55487fc7fddddea509508e38f7b81e
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email][email protected][/email] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 44544 bytes.
[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.
-
Scanner results
[b]AntiVir Found Heuristic/Malware (probable variant) [/b]
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
[b]Dr.Web Found BACKDOOR.Trojan, BackDoor.Pomax (probable variant) [/b]
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
VirusBuster Found nothing
[b]VBA32 Found Embedded.Trojan-Spy.Win32.Small.gm (probable variant)[/b]
-
This just arrived by email... Though it doesn't look like a fresh one...
Complete scanning result of "__1056", received in VirusTotal at 12.07.2006, 10:48:49 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.07.2006 TR/Dldr.Tiny.BM.50
Authentium 4.93.8 12.07.2006 W32/Downloader.AUDX
Avast 4.7.892.0 12.06.2006 no virus found
AVG 386 12.07.2006 Downloader.Generic2.ZWH
BitDefender 7.2 12.07.2006 Trojan.Downloader.Tiny.BM
CAT-QuickHeal 8.00 12.06.2006 TrojanDownloader.Tiny.bm
ClamAV devel-20060426 12.07.2006 Trojan.Downloader-13
DrWeb 4.33 12.07.2006 Trojan.DownLoader.15512
eSafe 7.0.14.0 12.06.2006 no virus found
eTrust-InoculateIT 23.73.79 12.07.2006 Win32/NordDL.1lx!Trojan
eTrust-Vet 30.3.3236 12.07.2006 Win32/Ohbeeb.AA
Ewido 4.0 12.07.2006 Downloader.Tiny.bm
Fortinet 2.82.0.0 12.07.2006 W32/Tiny.BM!tr.dldr
F-Prot 3.16f 12.05.2006 security risk named W32/Downloader.AUDX
F-Prot4 4.2.1.29 12.05.2006 W32/Downloader.AUDX
Ikarus T3.1.0.26 12.07.2006 Trojan-Downloader.Small.CBF
Kaspersky 4.0.2.24 12.07.2006 Trojan-Downloader.Win32.Tiny.bm
McAfee 4912 12.07.2006 no virus found
Microsoft 1.1804 12.07.2006 no virus found
NOD32v2 1906 12.07.2006 Win32/TrojanDownloader.Tiny.NBR
Norman 5.80.02 12.06.2006 W32/Tiny.SV
Panda 9.0.0.4 12.07.2006 no virus found
Prevx1 V2 12.07.2006 Downloader.Drev.A
Sophos 4.12.0 12.06.2006 Troj/Tiny-BT
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.130 12.06.2006 no virus found
UNA 1.83 12.06.2006 TrojanDownloader.Win32.Tiny.8DEF
VBA32 3.11.1 12.06.2006 Trojan-Downloader.Win32.Tiny.bm
VirusBuster 4.3.15:9 12.06.2006 Trojan.DL.Tiny.DK
Aditional Information
File size: 2560 bytes
MD5: 14425bb89f6d2b448b28cd1ccf4d9f8b
SHA1: 995c776401c5ef3578e1a1bdd29a9132b90d1589
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PXC=a26e59461175[/url]
-
Complete scanning result of "setup.exe", received in VirusTotal at 12.07.2006, 14:06:37 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.07.2006 no virus found
[B]Authentium 4.93.8 12.07.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.07.2006 no virus found
AVG 386 12.07.2006 no virus found
[B]BitDefender 7.2 12.07.2006 DeepScan:Generic.Horst.FBC6323B[/B]
CAT-QuickHeal 8.00 12.06.2006 no virus found
[B]ClamAV devel-20060426 12.07.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.07.2006 no virus found
[B]eSafe 7.0.14.0 12.06.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.79 12.07.2006 no virus found
eTrust-Vet 30.3.3236 12.07.2006 no virus found
Ewido 4.0 12.07.2006 no virus found
Fortinet 2.82.0.0 12.07.2006 no virus found
[B]F-Prot 3.16f 12.05.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.05.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.07.2006 no virus found
Kaspersky 4.0.2.24 12.07.2006 no virus found
McAfee 4912 12.07.2006 no virus found
Microsoft 1.1804 12.07.2006 no virus found
NOD32v2 1907 12.07.2006 no virus found
[B]Norman 5.80.02 12.06.2006 W32/Malware[/B]
Panda 9.0.0.4 12.07.2006 Suspicious file
Prevx1 V2 12.07.2006 no virus found
[B]Sophos 4.12.0 12.06.2006 Mal/Behav-080[/B]
Sunbelt 2.2.907.0 11.30.2006 no virus found
[B]TheHacker 6.0.3.130 12.06.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.06.2006 no virus found
[B]VBA32 3.11.1 12.06.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.06.2006 no virus found
Aditional Information
File size: 44544 bytes
MD5: 1722a1dc5186cdf52465245a5fb76cba
SHA1: 55157c41e7064161961298c5441c88cd119c1cda
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email][email protected][/email] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 44544 bytes.
[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.
-
[COLOR="Silver"]Thanks to [b]2jocke2[/b] for providing the sample[/COLOR]
Complete scanning result of "[b]zAskop.dll[/b]", received in VirusTotal at 12.07.2006, 14:54:22 (CET).
[i]Antivirus Version Update Result[/i]
AntiVir 7.2.0.49 12.07.2006 TR/Spy.Agent.AAE.1
[COLOR="#ff0000"]Authentium 4.93.8 12.07.2006 no virus found[/COLOR]
Avast 4.7.892.0 12.07.2006 Win32:Small-BKI
AVG 386 12.07.2006 PSW.Generic2.SDM
BitDefender 7.2 12.07.2006 Generic.Malware.SFMdld.0099442E
[COLOR="#ff0000"]CAT-QuickHeal 8.00 12.06.2006 no virus found
ClamAV devel-20060426 12.07.2006 no virus found[/COLOR]
DrWeb 4.33 12.07.2006 Trojan.Spambot
[COLOR="#ff0000"]eSafe 7.0.14.0 12.07.2006 no virus found
eTrust-InoculateIT 23.73.79 12.07.2006 no virus found[/COLOR]
eTrust-Vet 30.3.3236 12.07.2006 Win32/Meldsimp!generic
[COLOR="#ff0000"]Ewido 4.0 12.07.2006 no virus found
Fortinet 2.82.0.0 12.07.2006 no virus found
F-Prot 3.16f 12.05.2006 no virus found
F-Prot4 4.2.1.29 12.05.2006 no virus found
Ikarus T3.1.0.26 12.07.2006 no virus found
Kaspersky 4.0.2.24 12.07.2006 no virus found
McAfee 4912 12.07.2006 no virus found
Microsoft 1.1804 12.07.2006 no virus found[/COLOR]
NOD32v2 1907 12.07.2006 probably a variant of Win32/Spy.Small.DP
[COLOR="#ff0000"]Norman 5.80.02 12.07.2006 no virus found[/COLOR]
Panda 9.0.0.4 12.07.2006 Trj/Agysteo.B
[COLOR="#ff0000"]Prevx1 V2 12.07.2006 no virus found
Sophos 4.12.0 12.06.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.130 12.06.2006 no virus found
UNA 1.83 12.06.2006 no virus found[/COLOR]
VBA32 3.11.1 12.06.2006 suspected of Backdoor.xBot.1 (paranoid heuristics)
[COLOR="#ff0000"]VirusBuster 4.3.15:9 12.06.2006 no virus found[/COLOR]
Aditional Information
File size: 13824 bytes
MD5: 41d48c0c2defce2294855c766401127f
SHA1: a0c0d338877bf61a3eb8f0d13599b8a8b70dc644
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "setup.exe", received in VirusTotal at 12.08.2006, 08:52:36 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.08.2006 no virus found
[B]Authentium 4.93.8 12.07.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.07.2006 no virus found
AVG 386 12.07.2006 no virus found
[B]BitDefender 7.2 12.08.2006 DeepScan:Generic.Horst.FF530EE6[/B]
CAT-QuickHeal 8.00 12.07.2006 no virus found
[B]ClamAV devel-20060426 12.08.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.08.2006 no virus found
[B]eSafe 7.0.14.0 12.07.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.80 12.08.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.07.2006 no virus found
Fortinet 2.82.0.0 12.08.2006 no virus found
[B]F-Prot 3.16f 12.07.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.07.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.07.2006 no virus found
Kaspersky 4.0.2.24 12.08.2006 no virus found
[B]McAfee 4913 12.07.2006 BackDoor-CMQ.gen[/B]
Microsoft 1.1804 12.08.2006 no virus found
NOD32v2 1909 12.07.2006 no virus found
[B]Norman 5.80.02 12.07.2006 W32/Horst.gen14
Panda 9.0.0.4 12.08.2006 Suspicious file[/B]
Prevx1 V2 12.08.2006 no virus found
[B]Sophos 4.12.0 12.06.2006 Mal/Behav-080[/B]
Sunbelt 2.2.907.0 11.30.2006 no virus found
[B]TheHacker 6.0.3.130 12.06.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.07.2006 no virus found
[B]VBA32 3.11.1 12.07.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.07.2006 no virus found
Aditional Information
File size: 44032 bytes
MD5: 13b3e0b604f4eac38ee519cb5aa08e35
SHA1: fd10382f34177e0b92247560d3288edac0b5eae8
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "___1051", received in VirusTotal at 12.08.2006, 14:27:43 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.08.2006 no virus found
Authentium 4.93.8 12.07.2006 no virus found
Avast 4.7.892.0 12.07.2006 no virus found
AVG 386 12.08.2006 no virus found
BitDefender 7.2 12.08.2006 no virus found
CAT-QuickHeal 8.00 12.07.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 12.08.2006 no virus found
DrWeb 4.33 12.08.2006 no virus found
eSafe 7.0.14.0 12.07.2006 no virus found
eTrust-InoculateIT 23.73.80 12.08.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.08.2006 no virus found
Fortinet 2.82.0.0 12.08.2006 no virus found
F-Prot 3.16f 12.07.2006 no virus found
F-Prot4 4.2.1.29 12.07.2006 no virus found
Ikarus T3.1.0.26 12.07.2006 Trojan-Downloader.Win32.Banload.rf
Kaspersky 4.0.2.24 12.08.2006 no virus found
McAfee 4913 12.07.2006 no virus found
Microsoft 1.1804 12.08.2006 no virus found
[B]NOD32v2 1910 12.08.2006 probably unknown NewHeur_PE virus[/B]
Norman 5.80.02 12.08.2006 no virus found
Panda 9.0.0.4 12.08.2006 Suspicious file
Prevx1 V2 12.08.2006 no virus found
Sophos 4.12.0 12.08.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.130 12.06.2006 no virus found
UNA 1.83 12.07.2006 no virus found
VBA32 3.11.1 12.07.2006 no virus found
VirusBuster 4.3.15:9 12.07.2006 no virus found
Aditional Information
File size: 333312 bytes
MD5: c7ce45626e59f49002bf533a2b7c7bd4
SHA1: f26cbbe2141eb0ad93d4d00e50a2238a839d7396
packers: PE_Patch, Aspack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
Complete scanning result of "setup.exe", received in VirusTotal at 12.08.2006, 18:38:07 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.08.2006 no virus found
[B]Authentium 4.93.8 12.07.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.08.2006 no virus found
[B]BitDefender 7.2 12.08.2006 DeepScan:Generic.Horst.5CCDBFEF[/B]
CAT-QuickHeal 8.00 12.08.2006 no virus found
[B]ClamAV devel-20060426 12.08.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.08.2006 no virus found
[B]eSafe 7.0.14.0 12.07.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.80 12.08.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.08.2006 no virus found
Fortinet 2.82.0.0 12.08.2006 no virus found
[B]F-Prot 3.16f 12.07.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.07.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.07.2006 no virus found
Kaspersky 4.0.2.24 12.08.2006 no virus found
McAfee 4914 12.08.2006 no virus found
Microsoft 1.1804 12.08.2006 no virus found
NOD32v2 1911 12.08.2006 no virus found
[B]Norman 5.80.02 12.08.2006 W32/Horst.gen14[/B]
[B]Panda 9.0.0.4 12.08.2006 Suspicious file[/B]
Prevx1 V2 12.08.2006 no virus found
[B]Sophos 4.12.0 12.08.2006 Mal/Behav-080[/B]
Sunbelt 2.2.907.0 11.30.2006 no virus found
[B]TheHacker 6.0.3.130 12.06.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.07.2006 no virus found
[B]VBA32 3.11.1 12.08.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.08.2006 no virus found
Aditional Information
File size: 44544 bytes
MD5: e8cb9a43e491e5cc592f225371df0a0a
SHA1: ad86ee6cae901b10692635324eceabcc76b04322
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "setup.exe", received in VirusTotal at 12.09.2006, 20:16:30 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.08.2006 no virus found
[B]Authentium 4.93.8 12.08.2006 W32/Methodbod.gen2[/B]
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.09.2006 no virus found
[B]BitDefender 7.2 12.09.2006 DeepScan:Generic.Horst.F09457F2[/B]
CAT-QuickHeal 8.00 12.09.2006 no virus found
[B]ClamAV devel-20060426 12.09.2006 Trojan.Medbot-98[/B]
DrWeb 4.33 12.09.2006 no virus found
[B]eSafe 7.0.14.0 12.07.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.81 12.09.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.09.2006 no virus found
Fortinet 2.82.0.0 12.09.2006 no virus found
[B]F-Prot 3.16f 12.08.2006 W32/Methodbod.gen2
F-Prot4 4.2.1.29 12.08.2006 W32/Methodbod.gen2[/B]
Ikarus T3.1.0.26 12.07.2006 no virus found
[B]Kaspersky 4.0.2.24 12.09.2006 Trojan-Proxy.Win32.Horst.sh[/B]
McAfee 4914 12.08.2006 no virus found
[B]NOD32v2 1913 12.09.2006 a variant of Win32/Medbot.DP
Norman 5.80.02 12.08.2006 W32/Horst.gen14
Panda 9.0.0.4 12.09.2006 Suspicious file[/B]
Prevx1 V2 12.09.2006 no virus found
[B]Sophos 4.12.0 12.08.2006 Mal/Behav-080[/B]
[B]Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.130 12.06.2006 Trojan/Horst.gen[/B]
UNA 1.83 12.08.2006 no virus found
[B]VBA32 3.11.1 12.09.2006 MalwareScope.Trojan-Proxy.Horst.1[/B]
VirusBuster 4.3.15:9 12.09.2006 no virus found
Aditional Information
File size: 44032 bytes
MD5: b2f3daed796da63f74f0d86554931dc6
SHA1: a3bfcda907e914483a2a05d9c7767c4ca60371da
packers: UPX
packers: UPX
packers: UPX
packers: UPX
-
Complete scanning result of "Moiseev_ebal_Bilana.exe", received in VirusTotal at 12.11.2006, 02:13:08 (CET).
Antivirus Version Update Result
[B]AntiVir 7.2.0.49 12.10.2006 HEUR/Crypted[/B]
Authentium 4.93.8 12.08.2006 no virus found
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.09.2006 no virus found
BitDefender 7.2 12.11.2006 no virus found
[B]CAT-QuickHeal 8.00 12.09.2006 (Suspicious) - DNAScan[/B]
ClamAV devel-20060426 12.10.2006 no virus found
DrWeb 4.33 12.10.2006 no virus found
[B]eSafe 7.0.14.0 12.07.2006 suspicious Trojan/Worm[/B]
eTrust-InoculateIT 23.73.81 12.09.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.10.2006 no virus found
[B]Fortinet 2.82.0.0 12.11.2006 suspicious[/B]
F-Prot 3.16f 12.08.2006 no virus found
[B]F-Prot4 4.2.1.29 12.08.2006 generic[/B]
Ikarus T3.1.0.26 12.07.2006 no virus found
Kaspersky 4.0.2.24 12.11.2006 no virus found
McAfee 4915 12.10.2006 no virus found
[B]Microsoft 1.1804 12.10.2006 Win32/Ldpinch[/B]
NOD32v2 1913 12.09.2006 no virus found
Norman 5.80.02 12.08.2006 no virus found
[B]Panda 9.0.0.4 12.11.2006 Suspicious file[/B]
Prevx1 V2 12.11.2006 no virus found
Sophos 4.12.0 12.10.2006 no virus found
[B]Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious[/B]
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.08.2006 no virus found
[B]VBA32 3.11.1 12.10.2006 MalwareScope.Trojan-PSW.PdPinch.5[/B]
VirusBuster 4.3.15:9 12.10.2006 no virus found
Aditional Information
File size: 33268 bytes
MD5: fc3ca9215687f84bf1fb3035e63945fd
SHA1: 3672f81e54cce27aad769d4407b92f520507a3f1
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
From the latest spam
Complete scanning result of "__1056", received in VirusTotal at 12.11.2006, 05:23:48 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.49 12.10.2006 no virus found
Authentium 4.93.8 12.08.2006 no virus found
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.09.2006 no virus found
[B]BitDefender 7.2 12.11.2006 DeepScan:Generic.Dld.Wmed.E.55D473CD [/B]
CAT-QuickHeal 8.00 12.09.2006 no virus found
ClamAV devel-20060426 12.10.2006 no virus found
[B]DrWeb 4.33 12.10.2006 Trojan.DownLoader.15754[/B]
eSafe 7.0.14.0 12.07.2006 no virus found
eTrust-InoculateIT 23.73.81 12.09.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 no virus found
Ewido 4.0 12.10.2006 no virus found
Fortinet 2.82.0.0 12.11.2006 no virus found
F-Prot 3.16f 12.08.2006 no virus found
F-Prot4 4.2.1.29 12.08.2006 no virus found
Ikarus T3.1.0.26 12.07.2006 no virus found
[B]Kaspersky 4.0.2.24 12.11.2006 Trojan-Downloader.Win32.Donn.ae [/B]
McAfee 4915 12.10.2006 no virus found
Microsoft 1.1804 12.10.2006 no virus found
NOD32v2 1913 12.09.2006 no virus found
Norman 5.80.02 12.08.2006 no virus found
Panda 9.0.0.4 12.11.2006 no virus found
[B]Prevx1 V2 12.11.2006 Win32.Malware.gen [/B]
Sophos 4.12.0 12.10.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 no virus found
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.08.2006 no virus found
VBA32 3.11.1 12.10.2006 no virus found
VirusBuster 4.3.15:9 12.10.2006 no virus found
Aditional Information
File size: 3584 bytes
MD5: fd42667ea6e265a87eb0e57177fb1890
SHA1: 352ef85eb8607b1c5323012caed3d589eb2dfb13
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PXC=5ac261384280[/url]