Исследование антивирусов 4

В общем думал я думал как сделать более-менее объективную оценку антивирусов, и кое что придумал. Вот в эту тему прошу всех постить результаты проверки зверей которые были пойманы исключительно ручками. Т.е. которых не видел установленный на компютере антивирус. Так выборка будет по настоящему случайной.

[COLOR=Red]Постить в эту тему результаты проверки файлов исключительно пойманных руками на компьютерах.[/COLOR]

[COLOR="Blue"][B]Не[/B] постить результаты проверки файлов найденных на других сайтах или в коллекциях.
[B]Не[/B] постить результаты проверки файлов изначально найденных антивирусом.[/COLOR]

Предыдущие результаты:
[url]http://virusinfo.info/showthread.php?t=4367[/url]

STATUS: FINISHEDComplete scanning result of "winkve32.dll", received in VirusTotal at 07.02.2006, 19:28:21 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.19 07.02.2006 TR/PCK.Klone.G.1
Authentium 4.93.8 06.30.2006 no virus found
Avast 4.7.844.0 06.29.2006 no virus found
AVG 386 06.30.2006 Generic.WXQ
BitDefender 7.2 07.02.2006 no virus found
CAT-QuickHeal 8.00 07.01.2006 no virus found
ClamAV devel-20060426 07.01.2006 no virus found
DrWeb 4.33 07.02.2006 Trojan.Mezzia
eTrust-InoculateIT 23.72.56 07.02.2006 no virus found
eTrust-Vet 12.6.2283 06.30.2006 no virus found
Ewido 3.5 07.02.2006 no virus found
Fortinet 2.77.0.0 07.01.2006 W32/Klone.G
F-Prot 3.16f 06.30.2006 no virus found
Ikarus 0.2.65.0 06.30.2006 no virus found
Kaspersky 4.0.2.24 07.02.2006 Packed.Win32.Klone.g
McAfee 4797 06.30.2006 no virus found
Microsoft 1.1481 07.01.2006 no virus found
NOD32v2 1.1637 07.02.2006 no virus found
Norman 5.90.21 06.30.2006 no virus found
Panda 9.0.0.4 07.02.2006 Suspicious file
Sophos 4.07.0 07.02.2006 no virus found
Symantec 8.0 07.02.2006 no virus found
TheHacker 5.9.8.167 06.30.2006 no virus found
UNA 1.83 06.30.2006 no virus found
VBA32 3.11.0 07.02.2006 Trojan.Mezzia
VirusBuster 4.3.7:9 07.02.2006 no virus found

STATUS: FINISHEDComplete scanning result of "rdgRU2404.exe", received in VirusTotal at 07.02.2006, 19:30:31 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.19 07.02.2006 TR/Dldr.Obfuscated.N.5
Authentium 4.93.8 06.30.2006 no virus found
Avast 4.7.844.0 06.29.2006 no virus found
AVG 386 06.30.2006 no virus found
BitDefender 7.2 07.02.2006 no virus found
CAT-QuickHeal 8.00 07.01.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.01.2006 Dialer-306
DrWeb 4.33 07.02.2006 no virus found
eTrust-InoculateIT 23.72.56 07.02.2006 no virus found
eTrust-Vet 12.6.2283 06.30.2006 no virus found
Ewido 3.5 07.02.2006 no virus found
Fortinet 2.77.0.0 07.01.2006 Dial/269
F-Prot 3.16f 06.30.2006 no virus found
Ikarus 0.2.65.0 06.30.2006 no virus found
Kaspersky 4.0.2.24 07.02.2006 Trojan-Downloader.Win32.Obfuscated.n
McAfee 4797 06.30.2006 potentially unwanted program Dialer-269
Microsoft 1.1481 07.01.2006 no virus found
NOD32v2 1.1637 07.02.2006 no virus found
Norman 5.90.21 06.30.2006 no virus found
Panda 9.0.0.4 07.02.2006 no virus found
Sophos 4.07.0 07.02.2006 no virus found
Symantec 8.0 07.02.2006 no virus found
TheHacker 5.9.8.167 06.30.2006 no virus found
UNA 1.83 06.30.2006 no virus found
VBA32 3.11.0 07.02.2006 no virus found
VirusBuster 4.3.7:9 07.02.2006 no virus found

STATUS: FINISHEDComplete scanning result of "win3A.tmp.exe", received in VirusTotal at 07.02.2006, 19:30:59 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.19 07.02.2006 TR/Pakes.A.602
Authentium 4.93.8 06.30.2006 no virus found
Avast 4.7.844.0 06.29.2006 no virus found
AVG 386 06.30.2006 Generic.WUE
BitDefender 7.2 07.02.2006 no virus found
CAT-QuickHeal 8.00 07.01.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.01.2006 no virus found
DrWeb 4.33 07.02.2006 Trojan.DownLoader.10628
eTrust-InoculateIT 23.72.56 07.02.2006 Win32/SillyDl.AGC!Trojan
eTrust-Vet 12.6.2283 06.30.2006 no virus found
Ewido 3.5 07.02.2006 no virus found
Fortinet 2.77.0.0 07.01.2006 W32/Pakes!tr
F-Prot 3.16f 06.30.2006 no virus found
Ikarus 0.2.65.0 06.30.2006 no virus found
Kaspersky 4.0.2.24 07.02.2006 Trojan.Win32.Pakes
McAfee 4797 06.30.2006 Generic Downloader.ab
Microsoft 1.1481 07.01.2006 no virus found
NOD32v2 1.1637 07.02.2006 no virus found
Norman 5.90.21 06.30.2006 no virus found
Panda 9.0.0.4 07.02.2006 Adware/SystemDoctor
Sophos 4.07.0 07.02.2006 no virus found
Symantec 8.0 07.02.2006 Trojan Horse
TheHacker 5.9.8.167 06.30.2006 no virus found
UNA 1.83 06.30.2006 Trojan.Win32.Pakes
VBA32 3.11.0 07.02.2006 Trojan.Win32.Pakes
VirusBuster 4.3.7:9 07.02.2006 no virus found

Complete scanning result of "zipcodec-v6.155.exe", received in VirusTotal at 07.05.2006, 11:35:08 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.20 07.05.2006 DR/Zlob.Gen
Authentium 4.93.8 07.05.2006 no virus found
Avast 4.7.844.0 07.03.2006 no virus found
AVG 386 07.04.2006 no virus found
BitDefender 7.2 07.05.2006 no virus found
CAT-QuickHeal 8.00 07.04.2006 no virus found
ClamAV devel-20060426 07.04.2006 no virus found
DrWeb 4.33 07.05.2006 Trojan.Popuper
eTrust-InoculateIT 23.72.59 07.04.2006 no virus found
eTrust-Vet 12.6.2287 07.05.2006 no virus found
Ewido 3.5 07.05.2006 no virus found
Fortinet 2.77.0.0 07.05.2006 suspicious
F-Prot 3.16f 07.05.2006 no virus found
F-Prot4 4.2.1.29 07.05.2006 no virus found
Ikarus 0.2.65.0 07.04.2006 no virus found
Kaspersky 4.0.2.24 07.05.2006 Trojan-Downloader.Win32.Zlob.wq
McAfee 4799 07.04.2006 no virus found
Microsoft 1.1481 07.01.2006 no virus found
NOD32v2 1.1644 07.04.2006 no virus found
Norman 5.90.23 07.05.2006 no virus found
Panda 9.0.0.4 07.04.2006 no virus found
Sophos 4.07.0 07.05.2006 no virus found
Symantec 8.0 07.05.2006 no virus found
TheHacker 5.9.8.169 07.04.2006 no virus found
UNA 1.83 07.04.2006 no virus found
VBA32 3.11.0 07.04.2006 no virus found
VirusBuster 4.3.7:9 07.04.2006 no virus found

Complete scanning result of "aspi277816._xe", received in VirusTotal at 07.10.2006, 06:13:38 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 no virus found
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 Win32:Lmir-BK
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 BehavesLike:Win32.SiteHijack
CAT-QuickHeal 8.00 07.07.2006 no virus found
ClamAV devel-20060426 07.07.2006 Trojan.Danmec.B-dll
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 Win32/Danmec!generic
Ewido 3.5 07.09.2006 no virus found
Fortinet 2.77.0.0 07.10.2006 no virus found
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.09.2006 no virus found
NOD32v2 1.1651 07.08.2006 probably a variant of Win32/Spy.Gepost
Norman 5.90.23 07.07.2006 no virus found
Panda 9.0.0.4 07.09.2006 Suspicious file
Sophos 4.07.0 07.09.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 suspected of Backdoor.Agent.123 (paranoid heuristics)
VirusBuster 4.3.7:9 07.09.2006 no virus found

Aditional Information
File size: 37376 bytes
MD5: c5ff5f2370a91f2cc5173c65bf1b7b06
SHA1: ed6e14595f753c7f6e5a2dde044df007a2cc8981
packers: UPX

Complete scanning result of "dlh9jkdq1._xe", received in VirusTotal at 07.10.2006, 06:24:29 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 TR/Dldr.Small.agq.4
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 Downloader.Generic.QUS
BitDefender 7.2 07.10.2006 Trojan.Downloader.CZO
CAT-QuickHeal 8.00 07.07.2006 Trojan.Small.agq.4
ClamAV devel-20060426 07.07.2006 Trojan.Downloader.Small-811
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 Downloader.Small
Fortinet 2.77.0.0 07.10.2006 W32/Dloader.F!tr
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 Trojan-Downloader.Win32.Tibs.M
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 Generic Downloader.f
Microsoft 1.1481 07.09.2006 Downloader.AT (threat-c)
NOD32v2 1.1651 07.08.2006 Win32/TrojanDownloader.Small.AWA
Norman 5.90.23 07.07.2006 W32/DLoader.FJG
Panda 9.0.0.4 07.09.2006 Adware/Adsmart
Sophos 4.07.0 07.09.2006 Troj/Small-BBP
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 W32/SdBot(2).worm.gen
UNA 1.83 07.08.2006 TrojanDownloader.Win32.Small
VBA32 3.11.0 07.09.2006 Trojan.PWS.GoldSpy
VirusBuster 4.3.7:9 07.09.2006 Trojan.Small.AWC

Aditional Information
File size: 2518 bytes
MD5: e1f690200eb34cfd48166bb4f5747c8b
SHA1: af0b4f4c8c54f62cb24ee6c1b820b7dbbe402edb
packers: FSG

Complete scanning result of "ICQ2003Decrypt._ll", received in VirusTotal at 07.10.2006, 06:28:18 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 W32/Bizex.A.DLL
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 Win32:Trojan-gen. {Other}
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 Win32.HLLW.Bizex.A
CAT-QuickHeal 8.00 07.07.2006 PSWTool.ICQ.l (Not a Virus)
ClamAV devel-20060426 07.07.2006 no virus found
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 Not-A-Virus.PSWTool.Win32.ICQ.l
Fortinet 2.77.0.0 07.10.2006 HackerTool/ICQ
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 Worm.Win32.Bizex
Kaspersky 4.0.2.24 07.10.2006 not-a-virus:PSWTool.Win32.ICQ.l
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.09.2006 no virus found
NOD32v2 1.1651 07.08.2006 unpack error
Norman 5.90.23 07.07.2006 W32/Bizex.K
Panda 9.0.0.4 07.09.2006 Trj/Bizex.E
Sophos 4.07.0 07.09.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 Worm.Win32.Bizex.b
VBA32 3.11.0 07.09.2006 Win32.Worm.Bizex
VirusBuster 4.3.7:9 07.09.2006 Trojan.Bizex.A

Aditional Information
File size: 7168 bytes
MD5: 477316c4c75b3bc03a5bc7ea23866d8a
SHA1: e064b2a2de99be1052df09bdb72e5cf0b3e3efc1
packers: UPX, embedded

Complete scanning result of "kernels8._xe", received in VirusTotal at 07.10.2006, 06:30:23 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 TR/Crypt.F.Gen
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 Downloader.Tibs
BitDefender 7.2 07.10.2006 Trojan.Downloader.Tibs.1.Gen
CAT-QuickHeal 8.00 07.07.2006 no virus found
ClamAV devel-20060426 07.07.2006 no virus found
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 no virus found
Fortinet 2.77.0.0 07.10.2006 no virus found
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 Trojan-Downloader.Win32.Tibs.fj
McAfee 4802 07.07.2006 Generic Downloader.bl
Microsoft 1.1481 07.09.2006 no virus found
NOD32v2 1.1651 07.08.2006 probably a variant of Win32/TrojanDownloader.Small.AWA
Norman 5.90.23 07.07.2006 no virus found
Panda 9.0.0.4 07.09.2006 Suspicious file
Sophos 4.07.0 07.09.2006 no virus found
Symantec 8.0 07.10.2006 Trojan.Galapoper.A
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 no virus found
VirusBuster 4.3.7:9 07.09.2006 no virus found

Aditional Information
File size: 7701 bytes
MD5: 38443465b705485b143394f50ebdb661
SHA1: f748d3fccb3de9c08260d39c516228b368216522

Complete scanning result of "OEM._xe", received in VirusTotal at 07.10.2006, 07:04:51 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 no virus found
Authentium 4.93.8 07.07.2006 could be a corrupted executable file
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 no virus found
CAT-QuickHeal 8.00 07.10.2006 no virus found
ClamAV devel-20060426 07.07.2006 no virus found
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 Win32/ConycSp.4ib!Trojan
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 Proxy.Agent.jw
Fortinet 2.77.0.0 07.10.2006 suspicious
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.09.2006 no virus found
NOD32v2 1.1651 07.08.2006 no virus found
Norman 5.90.23 07.07.2006 W32/Agent.ABIP
Panda 9.0.0.4 07.09.2006 no virus found
Sophos 4.07.0 07.09.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 no virus found
VirusBuster 4.3.7:9 07.09.2006 Trojan.PR.Agent.CQI

Aditional Information
File size: 43507 bytes
MD5: 57c59d5987ea6a35420f0d2cdb252ed2
SHA1: c7d71f0d31fe5bce2be1b98cb4fe3dd7eaedda9a

Complete scanning result of "select._xe", received in VirusTotal at 07.10.2006, 07:23:36 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 TR/Proxy.Small.EM.2
Authentium 4.93.8 07.07.2006 no virus found
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 no virus found
CAT-QuickHeal 8.00 07.10.2006 no virus found
ClamAV devel-20060426 07.07.2006 no virus found
DrWeb 4.33 07.09.2006 Trojan.Proxy.995
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 Proxy.Small.em
Fortinet 2.77.0.0 07.10.2006 W32/Small.EM!tr
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 Possibly a new unknown PE_Virus!Maximus
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 Trojan-Proxy.Win32.Small.em
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.10.2006 no virus found
NOD32v2 1.1651 07.08.2006 no virus found
Norman 5.90.23 07.07.2006 no virus found
Panda 9.0.0.4 07.09.2006 Suspicious file
Sophos 4.07.0 07.09.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 Trojan-Proxy.Win32.Small.em
VirusBuster 4.3.7:9 07.09.2006 no virus found

Aditional Information
File size: 27136 bytes
MD5: 6416cdf9f1fc2b6ae69d587382bb32d1
SHA1: 70e8299ddd3bb085baeff32acfc9388f88b16394
packers: UPX

Complete scanning result of "vxgame2._xe", received in VirusTotal at 07.10.2006, 07:27:41 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 no virus found
Authentium 4.93.8 07.07.2006 could be a corrupted executable file
Avast 4.7.844.0 07.07.2006 no virus found
AVG 386 07.07.2006 no virus found
BitDefender 7.2 07.10.2006 no virus found
CAT-QuickHeal 8.00 07.10.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.07.2006 no virus found
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 Win32/Cosiam.6bc!Trojan
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 no virus found
Fortinet 2.77.0.0 07.10.2006 suspicious
F-Prot 3.16f 07.07.2006 no virus found
F-Prot4 4.2.1.29 07.07.2006 no virus found
Ikarus 0.2.65.0 07.07.2006 no virus found
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 no virus found
Microsoft 1.1481 07.10.2006 no virus found
NOD32v2 1.1651 07.08.2006 no virus found
Norman 5.90.23 07.07.2006 W32/Agent.AEML
Panda 9.0.0.4 07.09.2006 Trj/Jupillites.G
Sophos 4.07.0 07.10.2006 no virus found
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 no virus found
UNA 1.83 07.08.2006 no virus found
VBA32 3.11.0 07.09.2006 no virus found
VirusBuster 4.3.7:9 07.09.2006 no virus found

Aditional Information
File size: 12771 bytes
MD5: 26a5ac9179271b3661cb3ff1a177904a
SHA1: 101d073afe4642d5a43e2502cbf2ecbfc7dbc8bc

Complete scanning result of "vxgamet4._xe", received in VirusTotal at 07.10.2006, 07:31:53 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.09.2006 TR/Dldr.Small.agq.4
Authentium 4.93.8 07.07.2006 W32/Downloader.MAP
Avast 4.7.844.0 07.07.2006 Win32:Trojan-gen. {Other}
AVG 386 07.07.2006 Downloader.Generic.QUS
BitDefender 7.2 07.10.2006 Trojan.Downloader.CZO
CAT-QuickHeal 8.00 07.10.2006 Trojan.Small.agq.4
ClamAV devel-20060426 07.07.2006 Trojan.Downloader.Small-811
DrWeb 4.33 07.09.2006 no virus found
eTrust-InoculateIT 23.72.64 07.09.2006 no virus found
eTrust-Vet 12.6.2291 07.07.2006 no virus found
Ewido 3.5 07.09.2006 Trojan.Small
Fortinet 2.77.0.0 07.10.2006 W32/Dloader.F!tr
F-Prot 3.16f 07.07.2006 security risk named W32/Downloader.MAP
F-Prot4 4.2.1.29 07.07.2006 W32/Downloader.MAP
Ikarus 0.2.65.0 07.07.2006 Trojan-Downloader.Win32.Tibs.M
Kaspersky 4.0.2.24 07.10.2006 no virus found
McAfee 4802 07.07.2006 Generic Downloader.f
Microsoft 1.1481 07.10.2006 Small.BCD (threat-c)
NOD32v2 1.1651 07.08.2006 Win32/TrojanDownloader.Small.AWA
Norman 5.90.23 07.07.2006 W32/DLoader.FJG
Panda 9.0.0.4 07.09.2006 Adware/Adsmart
Sophos 4.07.0 07.10.2006 Troj/Small-BBP
Symantec 8.0 07.10.2006 no virus found
TheHacker 5.9.8.171 07.10.2006 W32/SdBot(2).worm.gen
UNA 1.83 07.08.2006 TrojanDownloader.Win32.Small
VBA32 3.11.0 07.09.2006 Trojan.PWS.GoldSpy
VirusBuster 4.3.7:9 07.09.2006 Trojan.Small.AWC

Aditional Information
File size: 1632 bytes
MD5: e6531c833c2314274aad9bf345108c99
SHA1: 0e2b5d8b0142b8256ee885df993b1112f8af5996

Complete scanning result of "1684338184._xe", received in VirusTotal at 07.12.2006, 05:35:11 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.11.2006 HEUR/Crypted.Modified
Authentium 4.93.8 07.11.2006 no virus found
Avast 4.7.844.0 07.11.2006 no virus found
AVG 386 07.11.2006 no virus found
BitDefender 7.2 07.12.2006 no virus found
CAT-QuickHeal 8.00 07.11.2006 no virus found
ClamAV devel-20060426 07.11.2006 no virus found
DrWeb 4.33 07.11.2006 no virus found
eTrust-InoculateIT 23.72.66 07.11.2006 no virus found
eTrust-Vet 12.6.2294 07.11.2006 no virus found
Ewido 4.0 07.11.2006 Logger.Agent.mf
Fortinet 2.77.0.0 07.12.2006 Spy/Agent
F-Prot 3.16f 07.11.2006 no virus found
F-Prot4 4.2.1.29 07.11.2006 no virus found
Ikarus 0.2.65.0 07.11.2006 no virus found
Kaspersky 4.0.2.24 07.12.2006 Trojan-Spy.Win32.Agent.mf
McAfee 4804 07.11.2006 no virus found
Microsoft 1.1481 07.10.2006 no virus found
NOD32v2 1.1654 07.11.2006 no virus found
Norman 5.90.23 07.11.2006 no virus found
Panda 9.0.0.4 07.11.2006 no virus found
Sophos 4.07.0 07.11.2006 no virus found
Symantec 8.0 07.12.2006 no virus found
TheHacker 5.9.8.173 07.11.2006 no virus found
UNA 1.83 07.11.2006 no virus found
VBA32 3.11.0 07.11.2006 Trojan-Spy.Win32.Agent.mf
VirusBuster 4.3.7:9 07.11.2006 no virus found

Aditional Information
File size: 10752 bytes
MD5: c19efde96a1318985af229590b218724
SHA1: d0be4afe15bbc292df455c6066fba4399fe2daf9
packers: UPX

Complete scanning result of "Setup.exe", received in VirusTotal at 07.12.2006, 22:06:46 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.12.2006 ADSPY/180Solutions.AS
Authentium 4.93.8 07.12.2006 no virus found
Avast 4.7.844.0 07.12.2006 no virus found
AVG 386 07.12.2006 Adware Generic.OYX
BitDefender 7.2 07.12.2006 Adware.Zango.B
CAT-QuickHeal 8.00 07.12.2006 no virus found
ClamAV devel-20060426 07.12.2006 no virus found
DrWeb 4.33 07.12.2006 Adware.Zango
eTrust-InoculateIT 23.72.66 07.11.2006 no virus found
eTrust-Vet 12.6.2295 07.12.2006 no virus found
Ewido 4.0 07.12.2006 no virus found
Fortinet 2.77.0.0 07.12.2006 Adware/WinAd!0267
F-Prot 3.16f 07.12.2006 no virus found
F-Prot4 4.2.1.29 07.12.2006 no virus found
Ikarus 0.2.65.0 07.12.2006 no virus found
Kaspersky 4.0.2.24 07.12.2006 not-a-virus:AdWare.Win32.180Solutions.as
McAfee 4805 07.12.2006 potentially unwanted program Adware-ZangoSA
Microsoft 1.1481 07.12.2006 no virus found
NOD32v2 1.1656 07.12.2006 no virus found
Norman 5.90.23 07.12.2006 W32/180Solutions.EQ
Panda 9.0.0.4 07.12.2006 no virus found
Sophos 4.07.0 07.12.2006 no virus found
Symantec 8.0 07.12.2006 no virus found
TheHacker 5.9.8.173 07.11.2006 no virus found
UNA 1.83 07.12.2006 Adware.180Solutions
VBA32 3.11.0 07.12.2006 AdWare.Win32.180Solutions.as
VirusBuster 4.3.7:9 07.12.2006 no virus found

Aditional Information
File size: 147536 bytes
MD5: 79dccdd7039bc37c1906c5f06396d206
SHA1: 5adfd2411a8b539f977aed2c676cc6f11b0df45b
packers: UPX

Complete scanning result of "Alers_.exe", received in VirusTotal at 07.13.2006, 15:08:41 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.13.2006 HEUR/Trojan.Downloader
Authentium 4.93.8 07.12.2006 no virus found
Avast 4.7.844.0 07.12.2006 no virus found
AVG 386 07.13.2006 no virus found
BitDefender 7.2 07.13.2006 BehavesLike:Win32.Backdoor
CAT-QuickHeal 8.00 07.12.2006 no virus found
ClamAV devel-20060426 07.13.2006 no virus found
DrWeb 4.33 07.13.2006 DLOADER.Trojan
eTrust-InoculateIT 23.72.67 07.13.2006 no virus found
eTrust-Vet 12.6.2296 07.13.2006 no virus found
Ewido 4.0 07.13.2006 no virus found
Fortinet 2.77.0.0 07.13.2006 suspicious
F-Prot 3.16f 07.12.2006 no virus found
F-Prot4 4.2.1.29 07.12.2006 no virus found
Ikarus 0.2.65.0 07.13.2006 no virus found
Kaspersky 4.0.2.24 07.13.2006 no virus found
McAfee 4805 07.12.2006 potentially unwanted program Keylog-Z0mbie
Microsoft 1.1481 07.13.2006 no virus found
NOD32v2 1.1657 07.13.2006 no virus found
Norman 5.90.23 07.13.2006 W32/Malware
Panda 9.0.0.4 07.13.2006 Suspicious file
Sophos 4.07.0 07.13.2006 no virus found
Symantec 8.0 07.13.2006 no virus found
TheHacker 5.9.8.174 07.13.2006 no virus found
UNA 1.83 07.12.2006 no virus found
VBA32 3.11.0 07.12.2006 no virus found
VirusBuster 4.3.7:9 07.12.2006 no virus found

Complete scanning result of "______.exe", received in VirusTotal at 07.16.2006, 19:02:10 (CET).
Antivirus Version Update Result
AntiVir 6.35.0.21 07.16.2006 TR/PSW.LdPinch.apk.2
Authentium 4.93.8 07.14.2006 no virus found
Avast 4.7.844.0 07.14.2006 no virus found
AVG 386 07.14.2006 PSW.Ldpinch.BML
BitDefender 7.2 07.16.2006 no virus found
CAT-QuickHeal 8.00 07.13.2006 no virus found
ClamAV devel-20060426 07.15.2006 no virus found
DrWeb 4.33 07.16.2006 no virus found
eTrust-InoculateIT 23.72.70 07.16.2006 no virus found
eTrust-Vet 12.6.2297 07.14.2006 no virus found
Ewido 4.0 07.16.2006 Trojan.LdPinch.apk
Fortinet 2.77.0.0 07.16.2006 W32/LdPinch.APK!tr.pws
F-Prot 3.16f 07.14.2006 no virus found
F-Prot4 4.2.1.29 07.14.2006 no virus found
Ikarus 0.2.65.0 07.14.2006 no virus found
Kaspersky 4.0.2.24 07.16.2006 Trojan-PSW.Win32.LdPinch.apk
McAfee 4807 07.14.2006 no virus found
Microsoft 1.1508 07.16.2006 no virus found
NOD32v2 1.1663 07.16.2006 no virus found
Norman 5.90.23 07.14.2006 no virus found
Panda 9.0.0.4 07.16.2006 Suspicious file
Sophos 4.07.0 07.16.2006 no virus found
Symantec 8.0 07.16.2006 no virus found
TheHacker 5.9.8.176 07.15.2006 no virus found
UNA 1.83 07.14.2006 Trojan.PSW.Win32.LdPinch
VBA32 3.11.0 07.15.2006 Trojan-PSW.Win32.LdPinch.apk
VirusBuster 4.3.7:9 07.15.2006 no virus found

Aditional Information
File size: 102400 bytes
MD5: d5cd0417e8f81c26538bc4d6c1890497
SHA1: f2ac59bd1ac4ebba368ac7149a0b4115adef4d34
packers: UPX

Complete scanning result of "1_32bean32_1._ll", received in VirusTotal at 07.17.2006, 07:03:06 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.16.2006 BDS/Agent.ctu.2
Authentium 4.93.8 07.14.2006 no virus found
Avast 4.7.844.0 07.14.2006 no virus found
AVG 386 07.14.2006 no virus found
BitDefender 7.2 07.17.2006 Trojan.Agent.RX
CAT-QuickHeal 8.00 07.13.2006 no virus found
ClamAV devel-20060426 07.15.2006 no virus found
DrWeb 4.33 07.16.2006 BackDoor.Uragan
eTrust-InoculateIT 23.72.70 07.16.2006 no virus found
eTrust-Vet 12.6.2297 07.14.2006 no virus found
Ewido 4.0 07.16.2006 no virus found
Fortinet 2.77.0.0 07.16.2006 suspicious
F-Prot 3.16f 07.14.2006 no virus found
F-Prot4 4.2.1.29 07.14.2006 no virus found
Ikarus 0.2.65.0 07.14.2006 no virus found
Kaspersky 4.0.2.24 07.17.2006 Trojan.Win32.Inject.aa
McAfee 4807 07.14.2006 no virus found
Microsoft 1.1508 07.17.2006 no virus found
NOD32v2 1.1663 07.16.2006 a variant of Win32/TrojanProxy.Xorpix
Norman 5.90.23 07.14.2006 no virus found
Panda 9.0.0.4 07.16.2006 Suspicious file
Sophos 4.07.0 07.17.2006 no virus found
Symantec 8.0 07.17.2006 no virus found
TheHacker 5.9.8.176 07.15.2006 no virus found
UNA 1.83 07.14.2006 no virus found
VBA32 3.11.0 07.17.2006 no virus found
VirusBuster 4.3.7:9 07.16.2006 no virus found

Aditional Information
File size: 13372 bytes
MD5: cebb0f59f09bd36b6d2b1a2ab8531aa3
SHA1: 408a1f6013d4aad6ee838e00778e82a689569dbf
packers: UPack

Complete scanning result of "Nfo_viewer._xe", received in VirusTotal at 07.20.2006, 13:47:50 (CET).
Antivirus Version Update Result
AntiVir 6.35.0.21 07.20.2006 no virus found
Authentium 4.93.8 07.19.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.19.2006 no virus found
BitDefender 7.2 07.20.2006 BehavesLike:Trojan.StartPage
CAT-QuickHeal 8.00 07.20.2006 no virus found
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.20.2006 no virus found
eTrust-InoculateIT 23.72.73 07.20.2006 no virus found
eTrust-Vet 12.6.2303 07.20.2006 no virus found
Ewido 4.0 07.20.2006 no virus found
Fortinet 2.77.0.0 07.19.2006 suspicious
F-Prot 3.16f 07.19.2006 no virus found
F-Prot4 4.2.1.29 07.19.2006 no virus found
Ikarus 0.2.65.0 07.20.2006 no virus found
Kaspersky 4.0.2.24 07.20.2006 no virus found
McAfee 4810 07.19.2006 no virus found
Microsoft 1.1508 07.20.2006 no virus found
NOD32v2 1.1669 07.20.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 07.20.2006 no virus found
Panda 9.0.0.4 07.20.2006 Suspicious file
Sophos 4.07.0 07.20.2006 no virus found
Symantec 8.0 07.20.2006 no virus found
TheHacker 5.9.8.178 07.19.2006 no virus found
UNA 1.83 07.19.2006 no virus found
VBA32 3.11.0 07.19.2006 no virus found
VirusBuster 4.3.7:9 07.19.2006 no virus found

Aditional Information
File size: 17408 bytes
MD5: 4dca4457e33e6e8ff283c50515450a35
SHA1: a74ea29e12f8388031c647e92b09b5b4ebb099b7
packers: UPX

Complete scanning result of "nm.c-m", received in VirusTotal at 07.20.2006, 21:57:07 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.20.2006 HEUR/Trojan.Downloader
Authentium 4.93.8 07.20.2006 Possibly a new variant of W32/Downloader-Sml-based!Maximus
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.20.2006 no virus found
BitDefender 7.2 07.20.2006 Trojan.Downloader.Small.ARS
CAT-QuickHeal 8.00 07.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.20.2006 Trojan.Downloader.Small-1250
DrWeb 4.33 07.20.2006 Trojan.DownLoader.7253
eTrust-InoculateIT 23.72.73 07.20.2006 no virus found
eTrust-Vet 12.6.2303 07.20.2006 no virus found
Ewido 4.0 07.20.2006 no virus found
Fortinet 2.77.0.0 07.20.2006 suspicious
F-Prot 3.16f 07.20.2006 Possibly a new variant of W32/Downloader-Sml-based!Maximus
F-Prot4 4.2.1.29 07.20.2006 W32/Downloader-Sml-based!Maximus
Ikarus 0.2.65.0 07.20.2006 no virus found
Kaspersky 4.0.2.24 07.20.2006 Trojan-Downloader.Win32.Tiny.av
McAfee 4811 07.20.2006 no virus found
Microsoft 1.1508 07.20.2006 TrojanDropper:Win32/Small.gen
NOD32v2 1.1671 07.20.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 07.20.2006 W32/Downloader
Panda 9.0.0.4 07.20.2006 Suspicious file
Sophos 4.07.0 07.20.2006 no virus found
Symantec 8.0 07.20.2006 no virus found
TheHacker 5.9.8.178 07.19.2006 no virus found
UNA 1.83 07.20.2006 no virus found
VBA32 3.11.0 07.20.2006 Trojan-Downloader.Win32.Small.csf
VirusBuster 4.3.7:9 07.20.2006 no virus found


Aditional Information
File size: 784 bytes
MD5: 626f953ea4817bd59f9b8fa29e6306bb
SHA1: 4b3b769367bcc9f2b7e43951e498955266aca36b

поражает обилие фпротов в рейтинге ;-)

старичка Литмуса узнали далеко не все...

File "q81.c-m" received on 07.20.2006 at 22:04:28 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AntiVir 6.35.0.21 07.20.2006 BDS/Litmus.203
Authentium 4.93.8 07.20.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.20.2006 BackDoor.Generic2.VRC
BitDefender 7.2 07.20.2006 Backdoor.Litmus.203
CAT-QuickHeal 8.00 07.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.20.2006 BackDoor.Litmus.203
eTrust-InoculateIT 23.72.73 07.20.2006 no virus found
eTrust-Vet 12.6.2303 07.20.2006 no virus found
Ewido 4.0 07.20.2006 Backdoor.Litmus.203
Fortinet 2.77.0.0 07.20.2006 W32/BDoor.203!tr.bdr
F-Prot 3.16f 07.20.2006 could be infected with an unknown virus
F-Prot4 4.2.1.29 07.20.2006 Possibly a new unknown PE_Virus!Maximus
Ikarus 0.2.65.0 07.20.2006 Backdoor.Win32.Litmus.203
Kaspersky 4.0.2.24 07.20.2006 Backdoor.Win32.Litmus.203
McAfee 4811 07.20.2006 BackDoor-JZ
Microsoft 1.1508 07.20.2006 no virus found
NOD32v2 1.1671 07.20.2006 Win32/Litmus.203
Norman 5.90.23 07.20.2006 W32/Litmus.BTI
Panda 9.0.0.4 07.20.2006 Suspicious file
Sophos 4.07.0 07.20.2006 no virus found
Symantec 8.0 07.20.2006 Backdoor.Litmus.203
TheHacker 5.9.8.179 07.21.2006 Backdoor.JZ
UNA 1.83 07.20.2006 Backdoor.Litmus.203
VBA32 3.11.0 07.20.2006 Backdoor.Litmus.203
VirusBuster 4.3.7:9 07.20.2006 no virus found

Aditional Information
File size: 20729 bytes
MD5: f44432aa51dcd6ca9d8cbb96831ec3d7
SHA1: 984596b7b58aaccdeeb09bd4eb90c0b0ab7e4f50
packers: Packed
packers: SoftComp

scanning result of "VIRUS___Pinch.rar", received in VirusTotal at 07.24.2006, 09:27:15 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.24 07.24.2006 no virus found
Authentium 4.93.8 07.21.2006 no virus found
Avast 4.7.844.0 07.23.2006 no virus found
AVG 386 07.21.2006 no virus found
BitDefender 7.2 07.22.2006 no virus found
CAT-QuickHeal 8.00 07.22.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 07.21.2006 no virus found
DrWeb 4.33 07.23.2006 Trojan.PWS.LDPinch.462
eTrust-InoculateIT 23.72.76 07.23.2006 no virus found
eTrust-Vet 12.6.2306 07.24.2006 no virus found
Ewido 4.0 07.23.2006 Trojan.LdPinch
Fortinet 2.77.0.0 07.23.2006 suspicious
F-Prot 3.16f 07.21.2006 no virus found
F-Prot4 4.2.1.29 07.21.2006 no virus found
Ikarus 0.2.65.0 07.23.2006 no virus found
Kaspersky 4.0.2.24 07.24.2006 no virus found
McAfee 4812 07.21.2006 no virus found
Microsoft 1.1508 07.24.2006 no virus found
NOD32v2 1.1675 07.23.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.23.2006 Suspicious file
Sophos 4.07.0 07.24.2006 no virus found
Symantec 8.0 07.24.2006 no virus found
TheHacker 5.9.8.180 07.24.2006 no virus found
UNA 1.83 07.21.2006 Win32.CRYPT.virus
VBA32 3.11.0 07.24.2006 Trojan.PWS.LDPinch.462
VirusBuster 4.3.7:9 07.23.2006 no virus found


Aditional Information
File size: 135398 bytes
MD5: 5b09a2cb7fb3b59dbc441053a60781ca
SHA1: 5143220e2fe690024260d707d3fb8affedb4b53e
packers: SVKProtector

Вдогонку, тест распакованного из архива вируса дал:
Ikarus 0.2.65.0 07.23.2006 Backdoor.Win32.SdBot.AKU

Икарусу стоило бы понимать РАР :)

Complete scanning result of "winccf32.dll", received in VirusTotal at 07.24.2006, 10:17:56 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.24 07.24.2006 TR/PCK.Klone.G.15
Authentium 4.93.8 07.21.2006 no virus found
Avast 4.7.844.0 07.23.2006 Win32:Klone-N
AVG 386 07.21.2006 Generic.YEC
BitDefender 7.2 07.22.2006 Trojan.Downloader.Agent.ADE
CAT-QuickHeal 8.00 07.22.2006 no virus found
ClamAV devel-20060426 07.21.2006 no virus found
DrWeb 4.33 07.23.2006 no virus found
eTrust-InoculateIT 23.72.76 07.23.2006 no virus found
eTrust-Vet 12.6.2306 07.24.2006 no virus found
Ewido 4.0 07.23.2006 no virus found
Fortinet 2.77.0.0 07.23.2006 W32/Klone.G
F-Prot 3.16f 07.21.2006 no virus found
F-Prot4 4.2.1.29 07.21.2006 no virus found
Ikarus 0.2.65.0 07.24.2006 no virus found
Kaspersky 4.0.2.24 07.24.2006 Packed.Win32.Klone.g
McAfee 4812 07.21.2006 no virus found
Microsoft 1.1508 07.24.2006 no virus found
NOD32v2 1.1675 07.23.2006 no virus found
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.23.2006 Suspicious file
Sophos 4.07.0 07.24.2006 no virus found
Symantec 8.0 07.24.2006 no virus found
TheHacker 5.9.8.180 07.24.2006 no virus found
UNA 1.83 07.21.2006 no virus found
VBA32 3.11.0 07.24.2006 no virus found
VirusBuster 4.3.7:9 07.23.2006 no virus found

Aditional Information
File size: 18944 bytes
MD5: f849bedb22de523bf9ced1edea4d6e3e
SHA1: 2a57e9929ee939640a1655cba394b16b18c5cd7f
packers: PecBundle, PECompact

STATUS: FINISHEDComplete scanning result of "winlogon1.exe", received in VirusTotal at 07.26.2006, 14:58:27 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 07.26.2006 no virus found
Authentium 4.93.8 07.26.2006 no virus found
Avast 4.7.844.0 07.26.2006 no virus found
AVG 386 07.25.2006 no virus found
BitDefender 7.2 07.26.2006 no virus found
CAT-QuickHeal 8.00 07.26.2006 no virus found
ClamAV devel-20060426 07.26.2006 no virus found
DrWeb 4.33 07.26.2006 no virus found
eTrust-InoculateIT 23.72.78 07.25.2006 no virus found
eTrust-Vet 12.6.2309 07.26.2006 no virus found
Ewido 4.0 07.26.2006 no virus found
Fortinet 2.77.0.0 07.26.2006 no virus found
F-Prot 3.16f 07.26.2006 no virus found
F-Prot4 4.2.1.29 07.26.2006 no virus found
Ikarus 0.2.65.0 07.26.2006 no virus found
Kaspersky 4.0.2.24 07.26.2006 no virus found
McAfee 4814 07.25.2006 no virus found
Microsoft 1.1508 07.26.2006 no virus found
NOD32v2 1.1679 07.26.2006 no virus found
Norman 5.90.23 07.26.2006 no virus found
Panda 9.0.0.4 07.26.2006 no virus found
Sophos 4.07.0 07.26.2006 no virus found
Symantec 8.0 07.26.2006 no virus found
TheHacker 5.9.8.181 07.25.2006 no virus found
UNA 1.83 07.25.2006 no virus found
VBA32 3.11.0 07.26.2006 suspected of Trojan.Perflog.12
VirusBuster 4.3.7:9 07.25.2006 no virus found

это действительно троян, свежайший ITW ...

Complete scanning result of "Process._xe", received in VirusTotal at 07.28.2006, 13:34:13 (CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 07.28.2006 no virus found
Authentium 4.93.8 07.28.2006 no virus found
Avast 4.7.844.0 07.26.2006 no virus found
AVG 386 07.27.2006 no virus found
BitDefender 7.2 07.28.2006 no virus found
CAT-QuickHeal 8.00 07.26.2006 no virus found
ClamAV devel-20060426 07.27.2006 no virus found
DrWeb 4.33 07.28.2006 no virus found
eTrust-InoculateIT 23.72.80 07.28.2006 no virus found
eTrust-Vet 12.6.2314 07.28.2006 no virus found
Ewido 4.0 07.27.2006 no virus found
Fortinet 2.77.0.0 07.27.2006 no virus found
F-Prot 3.16f 07.27.2006 no virus found
F-Prot4 4.2.1.29 07.27.2006 no virus found
Ikarus 0.2.65.0 07.27.2006 no virus found
Kaspersky 4.0.2.24 07.28.2006 no virus found
McAfee 4816 07.27.2006 potentially unwanted program PrcViewer
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1682 07.27.2006 Win32/PrcView
Norman 5.90.23 07.28.2006 no virus found
Panda 9.0.0.4 07.27.2006 Application/Processor
Sophos 4.07.0 07.28.2006 no virus found
Symantec 8.0 07.28.2006 no virus found
TheHacker 5.9.8.182 07.27.2006 Aplicacion/Processor.20
UNA 1.83 07.27.2006 no virus found
VBA32 3.11.0 07.27.2006 no virus found
VirusBuster 4.3.7:9 07.27.2006 no virus found

Aditional Information
File size: 53248 bytes
MD5: 7397f6ee4a9601a123b645c0cd428017
SHA1: 890368473ecbc404dcd42ff0c6c38397102f59c0

Complete scanning result of "avz00003.dta", received in VirusTotal at 07.29.2006, 07:58:27 (CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 07.28.2006 no virus found
Authentium 4.93.8 07.29.2006 no virus found
Avast 4.7.844.0 07.28.2006 no virus found
AVG 386 07.28.2006 no virus found
BitDefender 7.2 07.29.2006 no virus found
CAT-QuickHeal 8.00 07.28.2006 no virus found
ClamAV devel-20060426 07.27.2006 no virus found
DrWeb 4.33 07.28.2006 no virus found
eTrust-InoculateIT 23.72.81 07.29.2006 no virus found
eTrust-Vet 12.6.2314 07.28.2006 no virus found
Ewido 4.0 07.28.2006 no virus found
Fortinet 2.77.0.0 07.29.2006 W32/Small.UD!tr
F-Prot 3.16f 07.28.2006 no virus found
F-Prot4 4.2.1.29 07.28.2006 no virus found
Ikarus 0.2.65.0 07.28.2006 no virus found
Kaspersky 4.0.2.24 07.29.2006 no virus found
McAfee 4817 07.28.2006 no virus found
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1683 07.28.2006 no virus found
Norman 5.90.23 07.28.2006 no virus found
Panda 9.0.0.4 07.28.2006 no virus found
Sophos 4.08.0 07.29.2006 no virus found
Symantec 8.0 07.29.2006 no virus found
TheHacker 5.9.8.182 07.27.2006 no virus found
UNA 1.83 07.28.2006 no virus found
VBA32 3.11.0 07.28.2006 no virus found
VirusBuster 4.3.7:9 07.28.2006 no virus found

Aditional Information
File size: 186368 bytes
MD5: e9cd5f02365e9a0e92772bb08120385a
SHA1: 374b3ad656445df8c721ceb895eaeff96c16c8d1
packers: PecBundle, PECompact

Complete scanning result of "avz00004.dta", received in VirusTotal at 07.29.2006, 08:02:29 (CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 07.28.2006 no virus found
Authentium 4.93.8 07.29.2006 no virus found
Avast 4.7.844.0 07.28.2006 no virus found
AVG 386 07.28.2006 BackDoor.Agent.BWP
BitDefender 7.2 07.29.2006 Trojan.Antiav.3.9
CAT-QuickHeal 8.00 07.28.2006 no virus found
ClamAV devel-20060426 07.27.2006 no virus found
DrWeb 4.33 07.28.2006 Trojan.MulDrop.3299
eTrust-InoculateIT 23.72.81 07.29.2006 no virus found
eTrust-Vet 12.6.2314 07.28.2006 Win32/Covesmer.L
Ewido 4.0 07.28.2006 Backdoor.Agent.adr
Fortinet 2.77.0.0 07.29.2006 W32/Agent.ADR!tr.bdr
F-Prot 3.16f 07.28.2006 no virus found
F-Prot4 4.2.1.29 07.28.2006 no virus found
Ikarus 0.2.65.0 07.28.2006 no virus found
Kaspersky 4.0.2.24 07.29.2006 no virus found
McAfee 4817 07.28.2006 no virus found
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1683 07.28.2006 a variant of Win32/TrojanDropper.Agent.AKO
Norman 5.90.23 07.28.2006 no virus found
Panda 9.0.0.4 07.28.2006 Adware/SpySheriff
Sophos 4.08.0 07.29.2006 no virus found
Symantec 8.0 07.29.2006 no virus found
TheHacker 5.9.8.182 07.27.2006 no virus found
UNA 1.83 07.28.2006 no virus found
VBA32 3.11.0 07.28.2006 no virus found
VirusBuster 4.3.7:9 07.28.2006 no virus found


Aditional Information
File size: 184320 bytes
MD5: bd5d084936a498db3e938b2316707657
SHA1: d993877ba3828857853266d4fa15cdeda258865e

Complete scanning result of "drsmartload185a.exe", received in VirusTotal at 07.29.2006, 08:54:23 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 07.28.2006 no virus found
Authentium 4.93.8 07.29.2006 no virus found
Avast 4.7.844.0 07.28.2006 no virus found
AVG 386 07.28.2006 no virus found
BitDefender 7.2 07.29.2006 BehavesLike:Trojan.Downloader
CAT-QuickHeal 8.00 07.28.2006 no virus found
ClamAV devel-20060426 07.27.2006 no virus found
DrWeb 4.33 07.28.2006 Adware.DollarRevenue
eTrust-InoculateIT 23.72.81 07.29.2006 no virus found
eTrust-Vet 12.6.2314 07.28.2006 no virus found
Ewido 4.0 07.28.2006 Downloader.VB.aiw
Fortinet 2.77.0.0 07.29.2006 no virus found
F-Prot 3.16f 07.28.2006 no virus found
F-Prot4 4.2.1.29 07.28.2006 no virus found
Ikarus 0.2.65.0 07.28.2006 no virus found
Kaspersky 4.0.2.24 07.29.2006 no virus found
McAfee 4817 07.28.2006 no virus found
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1683 07.28.2006 Win32/TrojanDownloader.Adload.NAR
Norman 5.90.23 07.28.2006 no virus found
Panda 9.0.0.4 07.28.2006 no virus found
Sophos 4.08.0 07.29.2006 no virus found
Symantec 8.0 07.29.2006 no virus found
TheHacker 5.9.8.182 07.27.2006 no virus found
UNA 1.83 07.28.2006 no virus found
VBA32 3.11.0 07.28.2006 no virus found
VirusBuster 4.3.7:9 07.28.2006 no virus found
---------------
Complete scanning result of "win32.exe", received in VirusTotal at 07.29.2006, 09:00:53 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 07.29.2006 TR/Dldr.Tibs.C
Authentium 4.93.8 07.29.2006 W32/Downloader.AFBZ
Avast 4.7.844.0 07.28.2006 Win32:Tibs-DG
AVG 386 07.28.2006 no virus found
BitDefender 7.2 07.29.2006 no virus found
CAT-QuickHeal 8.00 07.28.2006 no virus found
ClamAV devel-20060426 07.27.2006 no virus found
DrWeb 4.33 07.28.2006 Trojan.DownLoader.10891
eTrust-InoculateIT 23.72.81 07.29.2006 no virus found
eTrust-Vet 12.6.2314 07.28.2006 Win32/Vxidl!generic
Ewido 4.0 07.28.2006 Downloader.Tibs.gc
Fortinet 2.77.0.0 07.29.2006 no virus found
F-Prot 3.16f 07.28.2006 W32/Downloader.AFBZ
F-Prot4 4.2.1.29 07.28.2006 Possibly a new unknown PE_Virus!Maximus
Ikarus 0.2.65.0 07.28.2006 no virus found
Kaspersky 4.0.2.24 07.29.2006 no virus found
McAfee 4817 07.28.2006 no virus found
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1683 07.28.2006 probably a variant of Win32/TrojanDownloader.Small.AWA
Norman 5.90.23 07.28.2006 no virus found
Panda 9.0.0.4 07.28.2006 Suspicious file
Sophos 4.08.0 07.29.2006 no virus found
Symantec 8.0 07.29.2006 Trojan.Galapoper.A
TheHacker 5.9.8.182 07.27.2006 no virus found
UNA 1.83 07.28.2006 no virus found
VBA32 3.11.0 07.28.2006 Trojan.DownLoader.10891
VirusBuster 4.3.7:9 07.28.2006 no virus found

Complete scanning result of "SYS2.DLL", received in VirusTotal at 07.31.2006, 08:32:08 (CET).

Antivirus Version Update Result
AntiVir6.35.1.007.30.2006no virus found
Authentium4.93.807.29.2006no virus found
Avast4.7.844.007.29.2006no virus found
AVG38607.28.2006no virus found
BitDefender7.207.31.2006no virus found
CAT-QuickHeal8.0007.31.2006no virus found
ClamAVdevel-2006042607.31.2006no virus found
DrWeb 4.3307.30.2006no virus found
eTrust-InoculateIT23.72.8207.30.2006no virus found
eTrust-Vet12.6.231407.28.2006no virus found
Ewido4.007.30.2006no virus found
Fortinet2.77.0.007.30.2006no virus found
F-Prot3.16f07.28.2006no virus found
F-Prot44.2.1.2907.28.2006no virus found
Ikarus0.2.65.007.28.2006no virus found
[B] Kaspersky4.0.2.2407.31.2006not-a-virus:Monitor.Win32.ActualSpy.a[/B]
McAfee481707.28.2006no virus found
Microsoft1.150807.27.2006no virus found
[B] NOD32v21.168407.29.2006a variant of Win32/RiskWare.ActualSpy[/B]
Norman5.90.2307.28.2006no virus found
Panda9.0.0.407.30.2006no virus found
Sophos4.08.007.30.2006no virus found
Symantec8.007.31.2006no virus found
TheHacker5.9.8.18307.30.2006no virus found
UNA1.8307.28.2006no virus found
[B] VBA323.11.007.31.2006suspected of Malware.Delf.24[/B]
VirusBuster4.3.7:907.30.2006no virus found

[U]Aditional Information[/U]
File size: 20480 bytes
MD5: 154c89f71c125660f1ef4cc7a903a1e9
SHA1: 0914c5ca347e090fec684eab8b18fa2f3076183f
packers: embedded

Complete scanning result of "pmnlm.dll", received in VirusTotal at 07.31.2006, 13:24:31 (CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 07.31.2006 ADSPY/Virtumonde.BD
Authentium 4.93.8 07.29.2006 no virus found
Avast 4.7.844.0 07.31.2006 no virus found
AVG 386 07.28.2006 no virus found
BitDefender 7.2 07.31.2006 no virus found
CAT-QuickHeal 8.00 07.31.2006 no virus found
ClamAV devel-20060426 07.31.2006 no virus found
DrWeb 4.33 07.31.2006 Trojan.Virtumod
eTrust-InoculateIT 23.72.82 07.30.2006 no virus found
eTrust-Vet 12.6.2318 07.31.2006 Win32/Vundo
Ewido 4.0 07.30.2006 no virus found
Fortinet 2.77.0.0 07.30.2006 suspicious
F-Prot 3.16f 07.28.2006 no virus found
F-Prot4 4.2.1.29 07.28.2006 no virus found
Ikarus 0.2.65.0 07.28.2006 no virus found
Kaspersky 4.0.2.24 07.31.2006 not-a-virus:AdWare.Win32.Virtumonde.gen
McAfee 4817 07.28.2006 Vundo
Microsoft 1.1508 07.27.2006 no virus found
NOD32v2 1.1684 07.29.2006 no virus found
Norman 5.90.23 07.31.2006 no virus found
Panda 9.0.0.4 07.30.2006 Suspicious file
Sophos 4.08.0 07.31.2006 no virus found
Symantec 8.0 07.31.2006 no virus found
TheHacker 5.9.8.183 07.30.2006 no virus found
UNA 1.83 07.28.2006 no virus found
VBA32 3.11.0 07.31.2006 no virus found
VirusBuster 4.3.7:9 07.30.2006 no virus found

Aditional Information
File size: 581684 bytes
MD5: 124748ab0a385191bf04af0336e6df55
SHA1: 3d87c659daccfb410a4aa36a1004c3f95f48c0e7
packers: embedded

Complete scanning result of "DC008_FOTO.JGP___________________", received in VirusTotal at 08.01.2006, 07:24:32 (CET).

AntivirusVersionUpdateResult [B]
AntiVir6.35.1.007.31.2006HEUR/Win32.Virus.Hdr[/B]
Authentium4.93.807.31.2006no virus found
Avast4.7.844.007.31.2006no virus found
AVG38607.31.2006no virus found
BitDefender7.208.01.2006no virus found
[B] CAT-QuickHeal8.0007.31.2006(Suspicious) - DNAScan[/B]
[B] ClamAVdevel-2006042608.01.2006Trojan.Downloader.Small-1712[/B]
DrWeb 4.3307.31.2006no virus found
eTrust-InoculateIT23.72.8307.31.2006no virus found
eTrust-Vet12.6.231807.31.2006no virus found
Ewido4.007.31.2006no virus found
[B] Fortinet2.77.0.008.01.2006suspicious[/B]
F-Prot3.16f07.31.2006no virus found
F-Prot44.2.1.2907.31.2006no virus found
[B] Ikarus0.2.65.007.31.2006Trojan-Downloader.Win32.Small.CIE[/B]
Kaspersky4.0.2.2408.01.2006no virus found
[B] McAfee481807.31.2006Downloader-ZL[/B]
[B] Microsoft1.150807.27.2006TrojanDropper:Win32/Small.gen[/B]
[B] NOD32v21.168507.31.2006probably unknown NewHeur_PE virus[/B]
[B] Norman5.90.2307.31.2006W32/Downloader
Panda9.0.0.407.31.2006Trj/Downloader.JOU[/B]
Sophos4.08.008.01.2006no virus found
[B] Symantec8.008.01.2006Trojan.Gobrena[/B]
TheHacker5.9.8.18407.31.2006no virus found
UNA1.8307.31.2006no virus found
[B] VBA323.11.007.31.2006suspected of Win32.Trojan.Downloader (http://{removed}/flash/menu6.swf)[/B]
VirusBuster4.3.7:907.31.2006no virus found

[U]Aditional Information[/U] File size: 2369 bytesMD5: e3fa68c3f01a36db8bf3e246f1f1b457SHA1: 670f099c4cd4f9ab12ee899c95d5bb85594c2655Norman SandBox:
[ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [EMAIL="[email protected]"][email protected][/EMAIL] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 2369 bytes.

[ Changes to filesystem ]
* Creates file C:oot.log.
* Deletes file c:oot.log.
* Creates file C:autoexec32.exe.

[ Network services ]
* Downloads file from [URL="http://update.microsoft.com/"]http://update.microsoft.com/[/URL] as c:oot.log.
* Downloads file from xttp//www.eden21.net/flash/menu6.swf as c:autoexec32.exe.

[ Security issues ]
* Starting downloaded file - potential security problem.

Complete scanning result of "GainPlugin.dll", received in VirusTotal at 08.01.2006, 10:52:38 (CET).

AntivirusVersionUpdateResult
[B] AntiVir6.35.1.008.01.2006 ADSPY/Gator.1101.2[/B]
Authentium4.93.807.31.2006 no virus found
Avast4.7.844.007.31.2006 no virus found
[B] AVG38607.31.2006 Adware Generic.CYU[/B]
BitDefender7.208.01.2006 no virus found
CAT-QuickHeal-07.31.2006 no virus found
ClamAVdevel-2006042608.01.2006 no virus found
DrWebn- no virus found
eTrust-InoculateIT23.72.8307.31.2006 no virus found
eTrust-Vet12.6.231908.01.2006 no virus found
Ewido4.008.01.2006 no virus found
Fortinet2.77.0.008.01.2006 no virus found
F-Prot3.16f07.31.2006 no virus found
F-Prot44.2.1.2907.31.2006 no virus found
Ikarus0.2.65.007.31.2006 no virus found
[B] Kaspersky4.0.2.2408.01.2006 not-a-virus:AdWare.Win32.Gator.1101[/B]
[B] McAfee481807.31.2006 potentially unwanted program Adware-GAIN[/B]
Microsoft1.150807.27.2006 no virus found
NOD32v21.168608.01.2006 no virus found
Norman5.90.2307.31.2006 no virus found
[B] Panda9.0.0.407.31.2006 Suspicious file[/B]
Sophos4.08.008.01.2006 no virus found
Symantec8.008.01.2006 no virus found
TheHacker5.9.8.18407.31.2006 no virus found
UNA1.8308.01.2006 no virus found
[B] VBA323.11.007.31.2006 suspected of Adware.Gator.3[/B]
VirusBuster4.3.7:907.31.2006 no virus found

[U]Aditional Information[/U]
File size: 65536 bytes
MD5: 34cc0828ec37e6a04bfe48b521689e4f
SHA1: 4586064fee90142f4eb9ce5836664256fce19745

Результаты

AntiVir 6.35.1.0 08.02.2006 HEUR/Crypted.Modified
Authentium 4.93.8 08.02.2006 no virus found
Avast 4.7.844.0 08.02.2006 Win32:Ldpinch-EJ
AVG 386 08.01.2006 no virus found
BitDefender 7.2 08.02.2006 no virus found
CAT-QuickHeal 8.00 08.02.2006 no virus found
ClamAV devel-20060426 08.02.2006 no virus found
DrWeb 4.33 08.02.2006 no virus found
eTrust-InoculateIT 23.72.84 08.01.2006 no virus found
eTrust-Vet 12.6.2321 08.02.2006 no virus found
Ewido 4.0 08.02.2006 no virus found
Fortinet 2.77.0.0 08.02.2006 suspicious
F-Prot 3.16f 08.02.2006 no virus found
F-Prot4 4.2.1.29 08.02.2006 no virus found
Ikarus 0.2.65.0 08.02.2006 no virus found
Kaspersky 4.0.2.24 08.02.2006 no virus found
McAfee 4819 08.01.2006 no virus found
Microsoft 1.1508 08.02.2006 Win32/Ldpinch
NOD32v2 1.1687 08.01.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 08.02.2006 no virus found
Panda 9.0.0.4 08.01.2006 Suspicious file
Sophos 4.08.0 08.02.2006 Troj/LdPnch-Gen
Symantec 8.0 08.02.2006 no virus found
TheHacker 5.9.8.185 08.02.2006 no virus found
UNA 1.83 08.01.2006 no virus found
VBA32 3.11.0 08.01.2006 suspected of Trojan-PSW.PdPinch.1
VirusBuster 4.3.7:9 08.01.2006 no virus found

Complete scanning result of "intcodec-v6.335.exe", received in VirusTotal at 08.05.2006, 19:31:11 (CET).

AntiVir 6.35.1.0 08.05.2006 no virus found
Authentium 4.93.8 08.04.2006 no virus found
Avast 4.7.844.0 08.04.2006 no virus found
[b] AVG 386 08.04.2006 Downloader.Zlob.CGR [/b]
[b]BitDefender 7.2 08.05.2006 Trojan.Zlob.Gen [/b]
CAT-QuickHeal 8.00 08.04.2006 no virus found
[b]ClamAV devel-20060426 08.04.2006 Trojan.Downloader.Zlob-471[/b]
DrWeb 4.33 08.05.2006 no virus found
eTrust-InoculateIT 23.72.87 08.04.2006 no virus found
eTrust-Vet 12.6.2324 08.04.2006 no virus found
Ewido 4.0 08.05.2006 no virus found
[b]Fortinet 2.77.0.0 08.05.2006 suspicious [/b]
F-Prot 3.16f 08.04.2006 no virus found
F-Prot4 4.2.1.29 08.04.2006 no virus found
[b]Ikarus 0.2.65.0 08.04.2006 Trojan-Downloader.Win32.Zlob.ni [/b]
Kaspersky 4.0.2.24 08.05.2006 no virus found
McAfee 4822 08.04.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1693 08.05.2006 no virus found
Norman 5.90.23 08.04.2006 no virus found
Panda 9.0.0.4 08.05.2006 no virus found
Sophos 4.08.0 08.05.2006 no virus found
Symantec 8.0 08.05.2006 no virus found
TheHacker 5.9.8.186 08.04.2006 no virus found
[b] UNA 1.83 08.04.2006 TrojanDownloader.Win32.Zlob [/b]
VBA32 3.11.0 08.04.2006 no virus found
VirusBuster 4.3.7:9 08.05.2006 no virus found

Antivirus Version Update Result
AntiVir 6.35.1.0 08.07.2006 HEUR/Hijacker
Authentium 4.93.8 08.06.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast 4.7.844.0 08.04.2006 no virus found
AVG 386 08.05.2006 PSW.Generic2.CYG
BitDefender 7.2 08.07.2006 Generic.Malware.SMB.B37B41D1
CAT-QuickHeal 8.00 08.07.2006 no virus found
ClamAV devel-20060426 08.06.2006 no virus found
DrWeb 4.33 08.07.2006 Trojan.PWS.Rat
eTrust-InoculateIT 23.72.88 08.06.2006 no virus found
eTrust-Vet 12.6.2324 08.04.2006 no virus found
Ewido 4.0 08.06.2006 Logger.TheRat.b
Fortinet 2.77.0.0 08.07.2006 no virus found
F-Prot 3.16f 08.06.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4 4.2.1.29 08.06.2006 W32/Threat-HLLSI-based!Maximus
Ikarus 0.2.65.0 08.07.2006 no virus found
Kaspersky 4.0.2.24 08.07.2006 Trojan-Spy.Win32.TheRat.b
McAfee 4822 08.04.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1694 08.05.2006 no virus found
Norman 5.90.23 08.04.2006 no virus found
Panda 9.0.0.4 08.06.2006 no virus found
Sophos 4.08.0 08.07.2006 no virus found
Symantec 8.0 08.07.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.04.2006 no virus found
VBA32 3.11.0 08.06.2006 Trojan-Spy.Win32.TheRat.b
VirusBuster 4.3.7:9 08.06.2006 no virus found

Antivirus Version Update Result
AntiVir 6.35.1.0 08.07.2006 TR/VB.akr
Authentium 4.93.8 08.06.2006 no virus found
Avast 4.7.844.0 08.04.2006 Win32:Trojan-gen. {VB}
AVG 386 08.05.2006 Generic.SPI
BitDefender 7.2 08.07.2006 Trojan.Vb.AKR
CAT-QuickHeal 8.00 08.07.2006 no virus found
ClamAV devel-20060426 08.06.2006 no virus found
DrWeb 4.33 08.07.2006 Trojan.PWS.Yah
eTrust-InoculateIT 23.72.88 08.06.2006 no virus found
eTrust-Vet 12.6.2324 08.04.2006 no virus found
Ewido 4.0 08.06.2006 Trojan.VB.akr
Fortinet 2.77.0.0 08.07.2006 W32/VB.AKR!tr
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.07.2006 no virus found
Kaspersky 4.0.2.24 08.07.2006 Trojan.Win32.VB.akr
McAfee 4822 08.04.2006 W32/Generic.worm!p2p
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1694 08.05.2006 Win32/VB.AKR
Norman 5.90.23 08.04.2006 W32/VBTroj.BJD
Panda 9.0.0.4 08.06.2006 Suspicious file
Sophos 4.08.0 08.07.2006 no virus found
Symantec 8.0 08.07.2006 Trojan Horse
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.04.2006 no virus found
VBA32 3.11.0 08.06.2006 no virus found
VirusBuster 4.3.7:9 08.06.2006 no virus found

AntiVir 6.35.1.0 08.07.2006 EXP/Agent.B
Authentium 4.93.8 08.06.2006 no virus found
Avast 4.7.844.0 08.04.2006 no virus found
AVG 386 08.05.2006 no virus found
BitDefender 7.2 08.07.2006 no virus found
CAT-QuickHeal 8.00 08.07.2006 no virus found
ClamAV devel-20060426 08.06.2006 no virus found
DrWeb 4.33 08.07.2006 no virus found
eTrust-InoculateIT 23.72.88 08.06.2006 no virus found
eTrust-Vet 12.6.2328 08.07.2006 no virus found
Ewido 4.0 08.07.2006 Hijacker.Agent.a
Fortinet 2.77.0.0 08.07.2006 HTML/Clicker.B!tr
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.07.2006 no virus found
Kaspersky 4.0.2.24 08.07.2006 Trojan-Clicker.HTML.Agent.a
McAfee 4822 08.04.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1694 08.05.2006 no virus found
Norman 5.90.23 08.07.2006 no virus found
Panda 9.0.0.4 08.07.2006 no virus found
Sophos 4.08.0 08.07.2006 no virus found
Symantec 8.0 08.07.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.04.2006 no virus found
VBA32 3.11.0 08.07.2006 Trojan-Clicker.HTML.Agent.a#22
VirusBuster 4.3.7:9 08.07.2006 no virus found

Complete scanning result of "exe_1", received in VirusTotal at 08.07.2006, 18:04:10 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 08.07.2006 HEUR/Win32.Virus.HLLP
Authentium 4.93.8 08.06.2006 no virus found
Avast 4.7.844.0 08.04.2006 no virus found
AVG 386 08.07.2006 no virus found
BitDefender 7.2 08.07.2006 MemScan:Backdoor.Haxdoor.IX
CAT-QuickHeal 8.00 08.07.2006 no virus found
ClamAV devel-20060426 08.07.2006 no virus found
DrWeb 4.33 08.07.2006 Trojan.MulDrop.3820
eTrust-InoculateIT 23.72.88 08.06.2006 Win32/Unknown!Trojan
eTrust-Vet 12.6.2328 08.07.2006 Win32/Multidropper.AJ
Ewido 4.0 08.07.2006 no virus found
Fortinet 2.77.0.0 08.07.2006 W32/Small.APZ!tr
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.07.2006 no virus found
Kaspersky 4.0.2.24 08.07.2006 Trojan-Dropper.Win32.Small.apz
McAfee 4823 08.07.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1695 08.07.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 08.07.2006 no virus found
Panda 9.0.0.4 08.07.2006 Suspicious file
Sophos 4.08.0 08.07.2006 no virus found
Symantec 8.0 08.07.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.04.2006 TrojanDropper.Win32.Small
VBA32 3.11.0 08.07.2006 Trojan-Dropper.Win32.Small.apz
VirusBuster 4.3.7:9 08.07.2006 no virus found

Aditional Information
File size: 65654 bytes
MD5: a3404e3847ff77d63d6183361224fe1a
SHA1: 58fd90a5ea3037c694caf54d186318c99b20cb42
packers: embedded

Complete scanning result of "exe_2", received in VirusTotal at 08.07.2006, 18:04:37 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 08.07.2006 no virus found
Authentium 4.93.8 08.06.2006 no virus found
Avast 4.7.844.0 08.04.2006 Win32:Trojan-gen. {Other}
AVG 386 08.07.2006 no virus found
BitDefender 7.2 08.07.2006 Backdoor.Haxdoor.IX
CAT-QuickHeal 8.00 08.07.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 08.07.2006 no virus found
DrWeb 4.33 08.07.2006 BackDoor.Haxdoor.287
eTrust-InoculateIT 23.72.88 08.06.2006 no virus found
eTrust-Vet 12.6.2328 08.07.2006 Win32/Haxdoor!generic
Ewido 4.0 08.07.2006 no virus found
Fortinet 2.77.0.0 08.07.2006 suspicious
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.07.2006 no virus found
Kaspersky 4.0.2.24 08.07.2006 Backdoor.Win32.Haxdoor.iy
McAfee 4823 08.07.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1695 08.07.2006 a variant of Win32/Haxdoor
Norman 5.90.23 08.07.2006 W32/Haxdoor.ALQ
Panda 9.0.0.4 08.07.2006 Bck/Haxdoor.LR
Sophos 4.08.0 08.07.2006 no virus found
Symantec 8.0 08.07.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.04.2006 no virus found
VBA32 3.11.0 08.07.2006 suspected of Embedded.Backdoor.Win32.Haxdoor.iy
VirusBuster 4.3.7:9 08.07.2006 Trojan.DR.Haxdoor.Gen.4

Aditional Information
File size: 53189 bytes
MD5: 673bec1a7aeb5a4ea96d230909eb413f
SHA1: af6db7da9dfad7f5142547a8bdc9256cd1961c39
packers: FSG

Complete scanning result of "lger.exe", received in VirusTotal at 08.08.2006, 13:53:30
(CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 08.08.2006 no virus found
Authentium 4.93.8 08.08.2006 no virus found
Avast 4.7.844.0 08.04.2006 no virus found
AVG 386 08.07.2006 no virus found
BitDefender 7.2 08.08.2006 Dropped:Trojan.Downloader.Small.CYF
CAT-QuickHeal 8.00 08.08.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 08.08.2006 no virus found
DrWeb 4.33 08.08.2006 Trojan.MulDrop.4061
eTrust-InoculateIT 23.72.89 08.08.2006 no virus found
eTrust-Vet 12.6.2329 08.08.2006 no virus found
Ewido 4.0 08.08.2006 no virus found
Fortinet 2.77.0.0 08.08.2006 no virus found
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.08.2006 no virus found
Kaspersky 4.0.2.24 08.08.2006 Trojan-Dropper.Win32.Agent.atu
McAfee 4823 08.07.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1696 08.07.2006 a variant of Win32/TrojanDownloader.Small.NLI
Norman 5.90.23 08.08.2006 W32/Downloader
Panda 9.0.0.4 08.07.2006 Suspicious file
Sophos 4.08.0 08.08.2006 no virus found
Symantec 8.0 08.08.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.07.2006 no virus found
VBA32 3.11.0 08.07.2006 suspected of Embedded.Trojan-Dropper.Win32.Tiny.d
VirusBuster 4.3.7:9 08.07.2006 no virus found

Aditional Information
File size: 29184 bytes
MD5: ed090462824e8eee300d212063346088
SHA1: 2cb8c50c7008a55a2f6113ed6ae7d50c3752af83
packers: PecBundle, PECompact
Norman SandBox:
[ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email][email protected][/email] - REMEMBER TO
ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing PEC2.
* Creating several executable files on hard-drive.
* File length: 29184 bytes.

[ Changes to filesystem ]
* Creates file C:WINDOWSTEMP<981.exe.
* Creates file C:WINDOWSSYSTEM32shchostv.exe.
* Creates file C:WINDOWSTEMPwertiodfio898e.tmp.
* Creates file C:WINDOWSTEMP?31.exe.

[ Changes to registry ]
* Sets value "WINID"="01C641D3E6DC73F0" in key "HKCUSoftwareMicrosoftWindowsCurrentVersionExplorer".
* Creates value "win_drivr32"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKCUSoftwareMicrosoftWindowsCurrentVersionRun".
* Creates value "win_drivr32"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnce".
* Creates key "HKCUSoftwareMicrosoftWindows NTCurrentVersionWindows".
* Sets value "load"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKCUSoftwareMicrosoftWindows
NTCurrentVersionWindows".
* Sets value "run"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKCUSoftwareMicrosoftWindows
NTCurrentVersionWindows".
* Creates value "win_drivr32"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKLMSoftwareMicrosoftWindowsCurrentVersionRun".
* Creates key "HKLMSoftwareMicrosoftWindowsCurrentVersionRunOnce".
* Sets value "win_drivr32"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKLMSoftwareMicrosoftWindowsCurrentVersionRunOnce".
* Creates key "HKLMSoftwareMicrosoftWindows NTcurrentversionWindows".
* Sets value "load"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKLMSoftwareMicrosoftWindows
NTcurrentversionWindows".
* Sets value "run"="C:WINDOWSSYSTEM32shchostv.exe" in key "HKLMSoftwareMicrosoftWindows
NTcurrentversionWindows".
* Creates key "HKLMSoftwareMicrosoftWindows NTcurrentversionWinlogon".

Complete scanning result of "qw.exe", received in VirusTotal at 08.08.2006, 14:08:20
(CET).

Antivirus Version Update Result
AntiVir 6.35.1.0 08.08.2006 no virus found
Authentium 4.93.8 08.08.2006 no virus found
Avast 4.7.844.0 08.04.2006 no virus found
AVG 386 08.07.2006 no virus found
BitDefender 7.2 08.08.2006 no virus found
CAT-QuickHeal 8.00 08.08.2006 no virus found
ClamAV devel-20060426 08.08.2006 no virus found
DrWeb 4.33 08.08.2006 Trojan.Spambot
eTrust-InoculateIT 23.72.89 08.08.2006 no virus found
eTrust-Vet 12.6.2329 08.08.2006 Win32/Suspect
Ewido 4.0 08.08.2006 no virus found
Fortinet 2.77.0.0 08.08.2006 no virus found
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.08.2006 no virus found
Kaspersky 4.0.2.24 08.08.2006 no virus found
McAfee 4823 08.07.2006 New Malware.am
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1696 08.07.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 08.08.2006 no virus found
Panda 9.0.0.4 08.07.2006 Suspicious file
Sophos 4.08.0 08.08.2006 no virus found
Symantec 8.0 08.08.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.07.2006 no virus found
VBA32 3.11.0 08.07.2006 no virus found
VirusBuster 4.3.7:9 08.07.2006 no virus found

Aditional Information
File size: 23552 bytes
MD5: 5b2a41c86daec7124db931bf34b0580a
SHA1: a28ef328eca64d4adf43b12cb44ed0f4a38c0366

Complete scanning result of "drsmartload45a.exe", received in VirusTotal at 08.08.2006, 15:24:20 (CET).
Antivirus Version Update Result
AntiVir 6.35.1.0 08.08.2006 no virus found
Authentium 4.93.8 08.08.2006 no virus found
Avast 4.7.844.0 08.08.2006 no virus found
AVG 386 08.07.2006 no virus found
BitDefender 7.2 08.08.2006 BehavesLike:Trojan.Downloader
CAT-QuickHeal 8.00 08.08.2006 no virus found
ClamAV devel-20060426 08.08.2006 no virus found
DrWeb 4.33 08.08.2006 Adware.DollarRevenue
eTrust-InoculateIT 23.72.89 08.08.2006 no virus found
eTrust-Vet 12.6.2329 08.08.2006 no virus found
Ewido 4.0 08.08.2006 Downloader.Adload.ds
Fortinet 2.77.0.0 08.08.2006 no virus found
F-Prot 3.16f 08.06.2006 no virus found
F-Prot4 4.2.1.29 08.06.2006 no virus found
Ikarus 0.2.65.0 08.08.2006 no virus found
Kaspersky 4.0.2.24 08.08.2006 no virus found
McAfee 4823 08.07.2006 no virus found
Microsoft 1.1508 08.04.2006 no virus found
NOD32v2 1.1696 08.07.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 08.08.2006 no virus found
Panda 9.0.0.4 08.07.2006 no virus found
Sophos 4.08.0 08.08.2006 no virus found
Symantec 8.0 08.08.2006 no virus found
TheHacker 5.9.8.187 08.07.2006 no virus found
UNA 1.83 08.07.2006 no virus found
VBA32 3.11.0 08.07.2006 no virus found
VirusBuster 4.3.7:9 08.07.2006 no virus found

Aditional Information
File size: 20480 bytes
MD5: f894952eaa7bf9ececac0c15667fae53
SHA1: 1a9be5e685e4bb47daa7e23353a0f27bae506c12