File index.htm received on 2008.02.01 01:58:21 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.1.10 2008.01.31 -
AntiVir 7.6.0.59 2008.01.31 -
Authentium 4.93.8 2008.01.31 -
Avast 4.7.1098.0 2008.02.01 -
AVG 7.5.0.516 2008.01.31 -
BitDefender 7.2 2008.02.01 -
CAT-QuickHeal 9.00 2008.01.30 -
ClamAV 0.92 2008.01.31 -
DrWeb 4.44.0.09170 2008.01.31 Worm.Sifiliz
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5501 2008.02.01 -
Ewido 4.0 2008.01.31 -
FileAdvisor 1 2008.02.01 -
Fortinet 3.14.0.0 2008.01.31 -
F-Prot 4.4.2.54 2008.01.30 -
F-Secure 6.70.13260.0 2008.01.31 Trojan-Downloader.JS.Remora.bg
Ikarus T3.1.1.20 2008.02.01 -
Kaspersky 7.0.0.125 2008.02.01 Trojan-Downloader.JS.Remora.bg
McAfee 5220 2008.01.31 -
Microsoft 1.3109 2008.02.01 -
NOD32v2 2841 2008.02.01 -
Norman 5.80.02 2008.01.31 -
Panda 9.0.0.4 2008.01.31 -
Prevx1 V2 2008.02.01 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.25.0 2008.01.31 Mal/ObfJS-R
Sunbelt 2.2.907.0 2008.02.01 -
Symantec 10 2008.02.01 -
TheHacker 6.2.9.203 2008.01.30 -
VBA32 3.12.2.6 2008.01.31 -
VirusBuster 4.3.26:9 2008.01.31 -
Webwasher-Gateway 6.6.2 2008.02.01 -
Additional information
File size: 24033 bytes
MD5: 49ea90c5d9dec69efd4050b1c3b3346b
SHA1: 1fbe03de0685da4c9c617dfd226e2d4a2af9ad67
PEiD: -
http://www.virustotal.com/analisis/6...7210e515e0a04b
Malware in an NTFS stream: svchost.exe:ext.exe
File d.exe received on 01.24.2008 20:52:44 (CET)
Result: 8/31 (25.81%)
Code:
Antivirus Version Last Update Result
AhnLab-V3 2008.1.25.10 2008.01.24 -
AntiVir 7.6.0.48 2008.01.24 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.01.24 -
Avast 4.7.1098.0 2008.01.23 -
AVG 7.5.0.516 2008.01.24 -
BitDefender 7.2 2008.01.24 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 9.00 2008.01.24 -
ClamAV 0.91.2 2008.01.24 -
DrWeb 4.44.0.09170 2008.01.24 -
eSafe 7.0.15.0 2008.01.16 suspicious Trojan/Worm
eTrust-Vet 31.3.5482 2008.01.24 -
Ewido 4.0 2008.01.24 -
FileAdvisor 1 2008.01.24 -
Fortinet 3.14.0.0 2008.01.24 -
F-Prot 4.4.2.54 2008.01.24 -
F-Secure 6.70.13260.0 2008.01.24 -
Ikarus T3.1.1.20 2008.01.24 Virus.Win32.Obfuscated.BTM
Kaspersky 7.0.0.125 2008.01.24 Heur.Trojan.Generic
McAfee 5214 2008.01.23 -
Microsoft 1.3109 2008.01.24 Trojan:Win32/Pugeju.A
NOD32v2 2820 2008.01.24 -
Norman 5.80.02 2008.01.24 -
Panda 9.0.0.4 2008.01.24 -
Prevx1 V2 2008.01.24 Covert.Code
Rising 20.28.31.00 2008.01.24 -
Sophos 4.24.0 2008.01.24 Mal/Behav-150
Sunbelt 2.2.907.0 2008.01.23 -
Symantec 10 2008.01.24 -
TheHacker 6.2.9.196 2008.01.23 -
VBA32 3.12.2.5 2008.01.21 -
VirusBuster 4.3.26:9 2008.01.24 -
Additional information
File size: 51200 bytes
MD5: 71d7d37bcc9554229ef53624b1aa687e
SHA1: 7f49cf680a1b5375e104fe6a5b85cbb5f812f627
PEiD: -
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramte...20D200A1579A40
File menu.dll received on 2008.02.02 05:12:53 (CET)
AhnLab-V3 2008.2.2.10 2008.02.01 -
AntiVir 7.6.0.61 2008.02.01 -
Authentium 4.93.8 2008.02.01 W32/Trojan.BPOL
Avast 4.7.1098.0 2008.02.01 Win32:Horse-AA
AVG 7.5.0.516 2008.02.01 -
BitDefender 7.2 2008.02.02 Trojan.Horse.Pws.Ldpinch.DQY
CAT-QuickHeal 9.00 2008.02.01 -
ClamAV 0.92 2008.02.02 -
DrWeb 4.44.0.09170 2008.02.01 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5504 2008.02.01 Win32/VMalum.ABBN
Ewido 4.0 2008.02.01 -
FileAdvisor 1 2008.02.02 High threat detected
Fortinet 3.14.0.0 2008.02.02 -
F-Prot 4.4.2.54 2008.02.01 W32/Trojan.BPOL
F-Secure 6.70.13260.0 2008.02.01 W32/LdPinch.IYH
Ikarus T3.1.1.20 2008.02.02 Trojan.Horse.Pws.Ldpinch.DQY
Kaspersky 7.0.0.125 2008.02.02 -
McAfee 5221 2008.02.01 -
Microsoft 1.3204 2008.02.02 -
NOD32v2 2845 2008.02.02 -
Norman 5.80.02 2008.02.01 W32/LdPinch.IYH
Panda 9.0.0.4 2008.02.01 Suspicious file
Prevx1 V2 2008.02.02 Infostealer
Rising 20.29.22.00 2008.01.30 Trojan.PSW.Win32.LdPinch.rat
Sophos 4.26.0 2008.02.02 -
Sunbelt 2.2.907.0 2008.02.02 Trojan.Horse.Pws.Ldpinch.DQY
Symantec 10 2008.02.02 Infostealer
TheHacker 6.2.9.205 2008.02.01 -
VBA32 3.12.6.0 2008.02.02 -
VirusBuster 4.3.26:9 2008.02.01 -
Webwasher-Gateway 6.6.2 2008.02.01 -
Additional information
File size: 26112 bytes
MD5: 32f93c22f79f6658721e82e55f31006a
SHA1: bbcd66ac2e2298f06d245c0c6ba6fa5ac7cb0857
PEiD: -
Bit9 info: http://fileadvisor.bit9.com/services...1e82e55f31006a
packers: UPX
Prevx info: http://info.prevx.com/aboutprogramte...A7FE0035C7E59B
File IPRTbox.exe received on 2008.02.05 00:04:37 (CET)
Current status: finished
Result: 7/32 (21.88%)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.5.10 2008.02.04 -
AntiVir 7.6.0.62 2008.02.04 -
Authentium 4.93.8 2008.02.04 -
Avast 4.7.1098.0 2008.02.04 -
AVG 7.5.0.516 2008.02.04 -
BitDefender 7.2 2008.02.04 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.04 -
DrWeb 4.44.0.09170 2008.02.04 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5511 2008.02.04 -
Ewido 4.0 2008.02.04 -
FileAdvisor 1 2008.02.05 -
Fortinet 3.14.0.0 2008.02.04 -
F-Prot 4.4.2.54 2008.02.04 W32/Heuristic-162!Eldorado
F-Secure 6.70.13260.0 2008.02.04 -
Ikarus T3.1.1.20 2008.02.04 Trojan-Downloader.Win32.Banload.kl
Kaspersky 7.0.0.125 2008.02.04 -
McAfee 5222 2008.02.04 -
Microsoft 1.3204 2008.02.04 -
NOD32v2 2848 2008.02.04 -
Norman 5.80.02 2008.02.04 -
Panda 9.0.0.4 2008.02.04 Suspicious file
Prevx1 V2 2008.02.05 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.04 Sus/ComPack-C
Sunbelt 2.2.907.0 2008.02.02 VIPRE.Suspicious
Symantec 10 2008.02.04 -
TheHacker 6.2.9.208 2008.02.04 -
VBA32 3.12.6.0 2008.02.03 Trojan-PSW.Win32.LdPinch.bsj
VirusBuster 4.3.26:9 2008.02.04 -
Webwasher-Gateway 6.6.2 2008.02.04 Win32.Malware.gen
File ______________________________.ra received on 2008.02.05 00:08:14 (CET)
Current status: finished
Result: 2/32 (6.25%)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.5.10 2008.02.04 -
AntiVir 7.6.0.62 2008.02.04 -
Authentium 4.93.8 2008.02.04 -
Avast 4.7.1098.0 2008.02.04 -
AVG 7.5.0.516 2008.02.04 -
BitDefender 7.2 2008.02.04 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.04 -
DrWeb 4.44.0.09170 2008.02.04 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5511 2008.02.04 -
Ewido 4.0 2008.02.04 -
FileAdvisor 1 2008.02.05 -
Fortinet 3.14.0.0 2008.02.04 -
F-Prot 4.4.2.54 2008.02.04 -
F-Secure 6.70.13260.0 2008.02.04 -
Ikarus T3.1.1.20 2008.02.04 -
Kaspersky 7.0.0.125 2008.02.04 -
McAfee 5222 2008.02.04 -
Microsoft 1.3204 2008.02.04 -
NOD32v2 2848 2008.02.04 -
Norman 5.80.02 2008.02.04 -
Panda 9.0.0.4 2008.02.04 -
Prevx1 V2 2008.02.05 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.04 -
Sunbelt 2.2.907.0 2008.02.02 -
Symantec 10 2008.02.04 -
TheHacker 6.2.9.208 2008.02.04 Trojan/Small.e
VBA32 3.12.6.0 2008.02.03 Trojan-Clicker.SWF.Small.e
VirusBuster 4.3.26:9 2008.02.04 -
Webwasher-Gateway 6.6.2 2008.02.04 -
Last edited by ALEX(XX); 05.02.2008 at 10:38.
Thread http://virusinfo.info/showthread.php?t=17687
Code:
File mssrv32.exe received on 2008.02.07 11:48:31 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 HEUR/Crypted
Authentium 4.93.8 2008.02.06 -
Avast 4.7.1098.0 2008.02.06 -
AVG 7.5.0.516 2008.02.06 Crypt.H
BitDefender 7.2 2008.02.07 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.07 -
DrWeb 4.44.0.09170 2008.02.07 -
eSafe 7.0.15.0 2008.01.28 Suspicious File
eTrust-Vet 31.3.5518 2008.02.07 -
Ewido 4.0 2008.02.06 -
FileAdvisor 1 2008.02.07 -
Fortinet 3.14.0.0 2008.02.06 -
F-Prot 4.4.2.54 2008.02.06 -
F-Secure 6.70.13260.0 2008.02.07 -
Ikarus T3.1.1.20 2008.02.07 -
Kaspersky 7.0.0.125 2008.02.07 -
McAfee 5224 2008.02.06 -
Microsoft 1.3204 2008.02.07 -
NOD32v2 2855 2008.02.07 -
Norman 5.80.02 2008.02.06 -
Panda 9.0.0.4 2008.02.07 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 -
Sunbelt 2.2.907.0 2008.02.07 -
Symantec 10 2008.02.07 -
TheHacker 6.2.9.211 2008.02.06 -
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.06 -
Webwasher-Gateway 6.6.2 2008.02.07 Heuristic.Crypted
Additional information
File size: 16384 bytes
MD5: c5cfaaf9390bd8f7afdcfeff829ed7e5
SHA1: 013c2f14176db49505e93a84243027bfa597fd70
PEiD: -
A little trojan glued onto a game
File IQ-Test.exe received on 2008.02.07 14:54:57 (CET)
Code:
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 TR/Crypt.XDR.Gen
Authentium 4.93.8 2008.02.06 -
Avast 4.7.1098.0 2008.02.06 Win32:IRCBot-CNV
AVG 7.5.0.516 2008.02.06 Dropper.FreeJoiner.D
BitDefender 7.2 2008.02.07 DeepScan:Generic.Malware.Fdld!!.C033CF9B
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.07 -
DrWeb 4.44.0.09170 2008.02.07 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5518 2008.02.07 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.07 -
Fortinet 3.14.0.0 2008.02.07 -
F-Prot 4.4.2.54 2008.02.06 -
F-Secure 6.70.13260.0 2008.02.07 W32/Smalltroj.CQSR
Ikarus T3.1.1.20 2008.02.07 -
Kaspersky 7.0.0.125 2008.02.07 Heur.Trojan.Generic
McAfee 5224 2008.02.06 -
Microsoft 1.3204 2008.02.07 -
NOD32v2 2855 2008.02.07 -
Norman 5.80.02 2008.02.06 W32/Smalltroj.CQSR
Panda 9.0.0.4 2008.02.07 Suspicious file
Prevx1 V2 2008.02.07 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 Sus/Behav-1018
Sunbelt 2.2.907.0 2008.02.07 -
Symantec 10 2008.02.07 -
TheHacker 6.2.9.211 2008.02.06 -
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 -
Webwasher-Gateway 6.6.2 2008.02.07 Trojan.Crypt.XDR.Gen
File size: 1883754 bytes
MD5: f19c795419075e9a6f2100d795db5af2
SHA1: ea37994d7a08ea4b6b7362f7acff0e17ed660ce4
PEiD: -
packers: embedded
File exp_1_.htm received on 2008.02.08 04:09:24 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 -
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.07 JS/Downloader.Agent
BitDefender 7.2 2008.02.08 Exploit.AdodbStream.J
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.08 -
DrWeb 4.44.0.09170 2008.02.07 VBS.PackFor
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5520 2008.02.07 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.07 JS/WebAttacker!exploit
F-Prot 4.4.2.54 2008.02.07 -
F-Secure 6.70.13260.0 2008.02.08 JS/Laume.gen2
Ikarus T3.1.1.20 2008.02.08 Trojan-Downloader.JS.Psyme.hu
Kaspersky 7.0.0.125 2008.02.08 Trojan-Downloader.JS.Iframe.as
McAfee 5225 2008.02.07 JS/Downloader-AUD
Microsoft 1.3204 2008.02.07 TrojanDownloader:JS/Psyme.gen
NOD32v2 2857 2008.02.07 -
Norman 5.80.02 2008.02.07 JS/Laume.gen2
Panda 9.0.0.4 2008.02.07 -
Prevx1 V2 2008.02.08 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 Mal/ObfJS-A
Sunbelt 2.2.907.0 2008.02.08 -
Symantec 10 2008.02.08 Downloader
TheHacker 6.2.9.212 2008.02.07 Trojan/Downloader.vbs
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 JS.Agent.B
Webwasher-Gateway 6.6.2 2008.02.07 JS.WebAttacker.gen (suspicious)
Additional information
File size: 20097 bytes
MD5: 83bae86b7cae28d9f7b5c7be4817540d
SHA1: 99cb925ec8a31de1f95ed7128a57fe0e162e54d0
PEiD: -
packers: Crypt.DCScript
Added 19 minutes later
File index_25_.htm received on 2008.02.08 04:28:36 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 -
Authentium 4.93.8 2008.02.08 IRC/IESlice.B
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.07 JS/Psyme
BitDefender 7.2 2008.02.08 Trojan.Js.Downloader.BDS
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.08 JS.XorCrypt
DrWeb 4.44.0.09170 2008.02.07 VBS.Psyme.434
eSafe 7.0.15.0 2008.01.28 JS.MS06-006
eTrust-Vet 31.3.5520 2008.02.07 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.07 -
F-Prot 4.4.2.54 2008.02.07 -
F-Secure 6.70.13260.0 2008.02.08 Trojan-Downloader.JS.Agent.xp
Ikarus T3.1.1.20 2008.02.08 Trojan-Downloader.JS.Agent.kd
Kaspersky 7.0.0.125 2008.02.08 Trojan-Downloader.JS.Agent.xp
McAfee 5225 2008.02.07 JS/Downloader-BCZ
Microsoft 1.3204 2008.02.07 -
NOD32v2 2857 2008.02.07 -
Norman 5.80.02 2008.02.07 -
Panda 9.0.0.4 2008.02.07 -
Prevx1 V2 2008.02.08 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 Troj/JSXor-Gen
Sunbelt 2.2.907.0 2008.02.08 -
Symantec 10 2008.02.08 Downloader
TheHacker 6.2.9.212 2008.02.07 -
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 -
Webwasher-Gateway 6.6.2 2008.02.07 JavaScript.CodeUnfolding.gen!High (suspicious)
Additional information
File size: 28724 bytes
MD5: 34c529faa4b4d134712ccb5275678287
SHA1: fbb8ddad32173ced31c7aad4f2f3f81cbf90acb5
PEiD: -
File index_12_.htm received on 2008.02.08 04:28:12 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 HEUR/Exploit.HTML
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.07 JS/Downloader.Agent
BitDefender 7.2 2008.02.08 Exploit.AdodbStream.J
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.08 -
DrWeb 4.44.0.09170 2008.02.07 VBS.PackFor
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5520 2008.02.07 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.07 JS/WebAttacker!exploit
F-Prot 4.4.2.54 2008.02.07 -
F-Secure 6.70.13260.0 2008.02.08 JS/Laume.gen2
Ikarus T3.1.1.20 2008.02.08 Trojan-Downloader.JS.Psyme.hu
Kaspersky 7.0.0.125 2008.02.08 Trojan-Downloader.JS.Psyme.wm
McAfee 5225 2008.02.07 JS/Downloader-AUD
Microsoft 1.3204 2008.02.07 TrojanDownloader:JS/Psyme.gen
NOD32v2 2857 2008.02.07 -
Norman 5.80.02 2008.02.07 JS/Laume.gen2
Panda 9.0.0.4 2008.02.07 -
Prevx1 V2 2008.02.08 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 Mal/ObfJS-A
Sunbelt 2.2.907.0 2008.02.08 -
Symantec 10 2008.02.08 Downloader
TheHacker 6.2.9.212 2008.02.07 Trojan/Downloader.vbs
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 JS.Agent.B
Webwasher-Gateway 6.6.2 2008.02.07 Heuristic.Exploit.HTML
Additional information
File size: 3203 bytes
MD5: f97aff745b816bcf995b274ee55bc94c
SHA1: 42460eeb33e41c47ad0df4280bd369640009cee8
PEiD: -
packers: Crypt.DCScript
File stroimdom_1_.htm received on 2008.02.08 04:28:48 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.07 -
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.07 Downloader.Agent
BitDefender 7.2 2008.02.08 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.08 -
DrWeb 4.44.0.09170 2008.02.07 Worm.Sifiliz
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5520 2008.02.07 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.07 -
F-Prot 4.4.2.54 2008.02.07 -
F-Secure 6.70.13260.0 2008.02.08 Trojan-Downloader.JS.Remora.w
Ikarus T3.1.1.20 2008.02.08 -
Kaspersky 7.0.0.125 2008.02.08 Trojan-Downloader.JS.Remora.w
McAfee 5225 2008.02.07 -
Microsoft 1.3204 2008.02.07 -
NOD32v2 2857 2008.02.07 -
Norman 5.80.02 2008.02.07 -
Panda 9.0.0.4 2008.02.07 -
Prevx1 V2 2008.02.08 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.07 Mal/ObfJS-R
Sunbelt 2.2.907.0 2008.02.08 -
TheHacker 6.2.9.212 2008.02.07 -
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 -
Webwasher-Gateway 6.6.2 2008.02.07 -
Additional information
File size: 18746 bytes
MD5: 460a06f4ebe4145585139e9feadf64db
SHA1: 3d5e6b32fa1cc343ea0e554222821e15dbff844c
PEiD: -
I posted a similar one at http://virusinfo.info/showpost.php?p...&postcount=181 but has it changed for Kaspersky?
Last edited by ZhIV; 08.02.2008 at 06:47.
Reason: Added
File NOD32.patch.rar received on 02.08.2008 09:44:37 (CET)
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.08 -
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.07 -
BitDefender 7.2 2008.02.08 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.08 -
DrWeb 4.44.0.09170 2008.02.08 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5521 2008.02.08 -
Ewido 4.0 2008.02.07 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.08 -
F-Prot 4.4.2.54 2008.02.07 -
F-Secure 6.70.13260.0 2008.02.08 Trojan.Win32.Delf.aym
Ikarus T3.1.1.20 2008.02.08 -
Kaspersky 7.0.0.125 2008.02.08 Trojan.Win32.Delf.aym
McAfee 5225 2008.02.07 -
Microsoft 1.3204 2008.02.07 -
NOD32v2 2857 2008.02.07 -
Norman 5.80.02 2008.02.07 -
Panda 9.0.0.4 2008.02.07 Suspicious file
Prevx1 V2 2008.02.08 Heuristic: Suspicious File With Mass Email Capabilities
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.08 -
Sunbelt 2.2.907.0 2008.02.08 -
Symantec 10 2008.02.08 -
TheHacker 6.2.9.212 2008.02.07 -
VBA32 3.12.6.0 2008.02.07 -
VirusBuster 4.3.26:9 2008.02.07 -
Webwasher-Gateway 6.6.2 2008.02.08 -
Additional information
File size: 275308 bytes
MD5: 4d50ed5c1d0d9dd684e53d07e8e37f93
SHA1: e4ece7e90cb5b0eb472ad4dcc5809e290bde05ef
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...CC3B0006AAD80D
File keygen.exe received on 02.08.2008 20:05:21 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.08 HEUR/Crypted
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.07 -
AVG 7.5.0.516 2008.02.08 -
BitDefender 7.2 2008.02.08 DeepScan:Generic.PWStealer.A6978279
CAT-QuickHeal None 2008.02.08 (Suspicious) - DNAScan
ClamAV 0.92 2008.02.08 -
DrWeb 4.44.0.09170 2008.02.08 -
eSafe 7.0.15.0 2008.01.28 suspicious Trojan/Worm
eTrust-Vet 31.3.5521 2008.02.08 -
Ewido 4.0 2008.02.08 -
FileAdvisor 1 2008.02.08 -
Fortinet 3.14.0.0 2008.02.08 -
F-Prot 4.4.2.54 2008.02.08 W32/Heuristic-259!Eldorado
F-Secure 6.70.13260.0 2008.02.08 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.08 Trojan-PWS.Win32.LdPinch.bna
Kaspersky 7.0.0.125 2008.02.08 -
McAfee 5226 2008.02.08 -
Microsoft 1.3204 2008.02.08 -
NOD32v2 2860 2008.02.08 Win32/PSW.LdPinch.BFP
Norman 5.80.02 2008.02.08 -
Panda 9.0.0.4 2008.02.08 Suspicious file
Prevx1 V2 2008.02.08 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.08 Mal/Basine-C
Sunbelt 2.2.907.0 2008.02.08 Trojan-PWS.Pinch.gen (v)
Symantec 10 2008.02.08 Bloodhound.W32.EP
TheHacker 6.2.9.212 2008.02.07 -
VBA32 3.12.6.0 2008.02.07 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.26:9 2008.02.08 -
Webwasher-Gateway 6.6.2 2008.02.08 Heuristic.Crypted
Additional information
File size: 39412 bytes
MD5: 7c4e30ad66723bdd1a4668e6e456d6c0
SHA1: bfc60d80dd6667110124833660fe3ffb6b5b7fd6
PEiD: UnoPiX 1.03-1.10 -> BaGiE
packers: PE-Crypt.Unopix
packers: PE-Crypt.Unopix
Left home for a few days and look what happens...
File about.htm received on 2008.02.12 02:22:44 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.12.10 2008.02.11 -
AntiVir 7.6.0.62 2008.02.11 -
Authentium 4.93.8 2008.02.11 -
Avast 4.7.1098.0 2008.02.11 -
AVG 7.5.0.516 2008.02.11 -
BitDefender 7.2 2008.02.12 -
CAT-QuickHeal None 2008.02.11 -
ClamAV 0.92 2008.02.11 -
DrWeb 4.44.0.09170 2008.02.11 VBS.PackFor
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5529 2008.02.11 -
Ewido 4.0 2008.02.11 -
FileAdvisor 1 2008.02.12 -
Fortinet 3.14.0.0 2008.02.11 -
F-Prot 4.4.2.54 2008.02.11 -
F-Secure 6.70.13260.0 2008.02.11 DoS.JS.Dframe.n
Ikarus T3.1.1.20 2008.02.12 -
Kaspersky 7.0.0.125 2008.02.12 DoS.JS.Dframe.n
McAfee 5227 2008.02.11 Exploit-IFrame
Microsoft 1.3204 2008.02.11 -
NOD32v2 2866 2008.02.11 -
Norman 5.80.02 2008.02.11 -
Panda 9.0.0.4 2008.02.11 W32/Dowlod.A
Prevx1 V2 2008.02.12 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.12 Troj/Pintadd-A
Sunbelt 2.2.907.0 2008.02.09 -
Symantec 10 2008.02.12 -
TheHacker 6.2.9.217 2008.02.11 -
VBA32 3.12.6.0 2008.02.11 -
VirusBuster 4.3.26:9 2008.02.11 -
Webwasher-Gateway 6.6.2 2008.02.11 -
Additional information
File size: 27253 bytes
MD5: 1ebf12da5d67600b2dc441e8d9e96957
SHA1: da3092880c2752112399a5c5d0adbed9ac3f3793
PEiD: -
Added 23 minutes later
File svc32_2.exe received on 2008.02.12 02:54:49 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.12.10 2008.02.11 -
AntiVir 7.6.0.62 2008.02.11 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.02.11 -
Avast 4.7.1098.0 2008.02.11 -
AVG 7.5.0.516 2008.02.11 Generic9.ATZP
BitDefender 7.2 2008.02.12 -
CAT-QuickHeal None 2008.02.11 TrojanDownloader.Agent.hvo
ClamAV 0.92 2008.02.11 Trojan.Downloader-21900
DrWeb 4.44.0.09170 2008.02.11 Trojan.Packed.147
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5529 2008.02.11 -
Ewido 4.0 2008.02.11 Downloader.Agent.hvo
FileAdvisor 1 2008.02.12 -
Fortinet 3.14.0.0 2008.02.11 -
F-Prot 4.4.2.54 2008.02.11 -
F-Secure 6.70.13260.0 2008.02.11 W32/Agent.EBCK
Ikarus T3.1.1.20 2008.02.12 -
Kaspersky 7.0.0.125 2008.02.12 Trojan-Downloader.Win32.Agent.ivn
McAfee 5227 2008.02.11 -
Microsoft 1.3204 2008.02.11 TrojanDownloader:Win32/Chepvil.C
NOD32v2 2866 2008.02.11 Win32/TrojanDownloader.Tiny.NDC
Norman 5.80.02 2008.02.11 W32/Agent.EBCK
Panda 9.0.0.4 2008.02.11 -
Prevx1 V2 2008.02.12 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.12 -
Sunbelt 2.2.907.0 2008.02.12 -
Symantec 10 2008.02.12 -
TheHacker 6.2.9.217 2008.02.11 -
VBA32 3.12.6.0 2008.02.11 Trojan-Downloader.Win32.Agent.hvo
VirusBuster 4.3.26:9 2008.02.11 Trojan.DL.Agent.CWOL
Webwasher-Gateway 6.6.2 2008.02.11 Trojan.Crypt.XPACK.Gen
Additional information
File size: 14297 bytes
MD5: 6711f411acb9a3e510a250295bc21a4e
SHA1: 77fae6ffc6448626d729f28ba7f0fb70fa53d354
PEiD: -
Added 13 minutes later
File x86emul.sys received on 2008.02.12 02:48:36 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.12.10 2008.02.11 -
AntiVir 7.6.0.62 2008.02.11 TR/Rootkit.Gen
Authentium 4.93.8 2008.02.11 W32/Goldun.gen3
Avast 4.7.1098.0 2008.02.11 Win32:Agent-RUC
AVG 7.5.0.516 2008.02.11 PSW.Generic5.AIAX
BitDefender 7.2 2008.02.12 -
CAT-QuickHeal None 2008.02.11 Rootkit.Agent.xq
ClamAV 0.92 2008.02.11 -
DrWeb 4.44.0.09170 2008.02.11 Trojan.NtRootKit.765
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5529 2008.02.11 Win32/ProcHide!generic
Ewido 4.0 2008.02.11 -
FileAdvisor 1 2008.02.12 -
Fortinet 3.14.0.0 2008.02.11 W32/Haxdor.XQ!tr.rkit
F-Prot 4.4.2.54 2008.02.11 W32/Goldun.gen3
F-Secure 6.70.13260.0 2008.02.11 W32/Rootkit.CYJ
Ikarus T3.1.1.20 2008.02.12 Rootkit.Win32.Agent.xq
Kaspersky 7.0.0.125 2008.02.12 Rootkit.Win32.Agent.xq
McAfee 5227 2008.02.11 Generic.dx
Microsoft 1.3204 2008.02.11 VirTool:WinNT/HideDrv.gen!A
NOD32v2 2866 2008.02.11 Win32/Spy.Goldun.NCL
Norman 5.80.02 2008.02.11 W32/Rootkit.CYJ
Panda 9.0.0.4 2008.02.11 Rootkit/Goldun.RP
Prevx1 V2 2008.02.12 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.12 Troj/Haxdor-Gen
Sunbelt 2.2.907.0 2008.02.12 -
Symantec 10 2008.02.12 -
TheHacker 6.2.9.217 2008.02.11 -
VBA32 3.12.6.0 2008.02.11 Trojan.NtRootKit.765
VirusBuster 4.3.26:9 2008.02.11 -
Webwasher-Gateway 6.6.2 2008.02.11 Trojan.Rootkit.Gen
Additional information
File size: 8512 bytes
MD5: 796ee2b24ea2621e25a61d4be3f20de7
SHA1: a68f203ada4b8e8ceabad88bb372aedf51983d79
PEiD: -
File admin.exe received on 2008.02.12 03:05:10 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.12.10 2008.02.11 -
AntiVir 7.6.0.62 2008.02.11 TR/Dldr.Tiny.ZZ
Authentium 4.93.8 2008.02.11 -
Avast 4.7.1098.0 2008.02.11 -
AVG 7.5.0.516 2008.02.11 Downloader.Small.BPL
BitDefender 7.2 2008.02.12 -
CAT-QuickHeal None 2008.02.11 TrojanDownloader.Tiny.agv
ClamAV 0.92 2008.02.11 -
DrWeb 4.44.0.09170 2008.02.11 Trojan.DownLoader.46195
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5529 2008.02.11 -
Ewido 4.0 2008.02.11 Downloader.Tiny.agv
FileAdvisor 1 2008.02.12 -
Fortinet 3.14.0.0 2008.02.11 -
F-Prot 4.4.2.54 2008.02.11 -
F-Secure 6.70.13260.0 2008.02.11 W32/Tiny.COK
Ikarus T3.1.1.20 2008.02.12 Trojan-Spy.Win32.Zbot.aft
Kaspersky 7.0.0.125 2008.02.12 Trojan-Downloader.Win32.Tiny.agv
McAfee 5227 2008.02.11 -
Microsoft 1.3204 2008.02.11 -
NOD32v2 2866 2008.02.11 Win32/TrojanDownloader.Tiny.NDD
Norman 5.80.02 2008.02.11 W32/Tiny.COK
Panda 9.0.0.4 2008.02.11 Trj/Downloader.SHV
Prevx1 V2 2008.02.12 Heuristic: Suspicious File With Bad Child Associations
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.12 Mal/Generic-A
Sunbelt 2.2.907.0 2008.02.12 Trojan-Downloader.Tiny.ZZ
Symantec 10 2008.02.12 Downloader
TheHacker 6.2.9.217 2008.02.11 -
VBA32 3.12.6.0 2008.02.11 Trojan-Downloader.Win32.Tiny.agv
VirusBuster 4.3.26:9 2008.02.11 Trojan.DL.Tiny.UB
Webwasher-Gateway 6.6.2 2008.02.11 Trojan.Dldr.Tiny.ZZ
Additional information
File size: 6656 bytes
MD5: 3d44f3381da2e000ae7caa2a2ada4d07
SHA1: 8db54305d2f30bcda07e4f49f010b76e906b36f0
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...04AE002109C37D
Last edited by ZhIV; 12.02.2008 at 05:20.
Reason: Added
File avz00002.dta received on 2008.02.13 05:18:19 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.13.11 2008.02.13 -
AntiVir 7.6.0.65 2008.02.12 TR/Crypt.NSPM.Gen
Authentium 4.93.8 2008.02.13 -
Avast 4.7.1098.0 2008.02.12 -
AVG 7.5.0.516 2008.02.12 -
BitDefender 7.2 2008.02.13 Packer.Malware.NSAnti.K
CAT-QuickHeal None 2008.02.12 -
ClamAV 0.92 2008.02.12 -
DrWeb 4.44.0.09170 2008.02.12 modification of Win32.Besso
eSafe 7.0.15.0 2008.02.11 suspicious Trojan/Worm
eTrust-Vet 31.3.5532 2008.02.12 -
Ewido 4.0 2008.02.12 -
FileAdvisor 1 2008.02.13 -
Fortinet 3.14.0.0 2008.02.13 -
F-Prot 4.4.2.54 2008.02.12 -
F-Secure 6.70.13260.0 2008.02.13 -
Ikarus T3.1.1.20 2008.02.13 Packer.Malware.NSAnti.K
Kaspersky 7.0.0.125 2008.02.13 -
McAfee 5228 2008.02.12 -
Microsoft 1.3204 2008.02.12 VirTool:Win32/Obfuscator.T
NOD32v2 2870 2008.02.12 Win32/Pacex.Gen
Norman 5.80.02 2008.02.12 W32/NSAnti.GGV
Panda 9.0.0.4 2008.02.13 Suspicious file
Prevx1 V2 2008.02.13 Heuristic: Suspicious Self Modifying EXE
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.13 Mal/EncPk-CE
Sunbelt 2.2.907.0 2008.02.13 -
Symantec 10 2008.02.13 -
TheHacker 6.2.9.218 2008.02.12 -
VBA32 3.12.6.0 2008.02.11 -
VirusBuster 4.3.26:9 2008.02.12 -
Webwasher-Gateway 6.6.2 2008.02.12 Trojan.Crypt.NSPM.Gen
Additional information
File size: 40960 bytes
MD5: 194d05919c679b92511c74ab20dfa491
SHA1: e9db2cd817fdd98b68cc404ce2998a3e96df8118
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...CAB0004AED2E0A
Nick Golovko
NCFU lecturer, information security specialist
t-17985
Code:
File avz00001.dta received on 02.13.2008 15:22:24 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.13.11 2008.02.13 -
AntiVir 7.6.0.65 2008.02.13 TR/Vundo.gc
Authentium 4.93.8 2008.02.13 -
Avast 4.7.1098.0 2008.02.13 -
AVG 7.5.0.516 2008.02.13 Generic9.BAKO
BitDefender 7.2 2008.02.13 Trojan.Vundo.Gen.2
CAT-QuickHeal None 2008.02.13 -
ClamAV 0.92 2008.02.13 -
DrWeb 4.44.0.09170 2008.02.13 -
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5533 2008.02.13 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.13 -
Fortinet 3.14.0.0 2008.02.13 -
F-Prot 4.4.2.54 2008.02.12 W32/Virtumonde.G.gen!Eldorado
F-Secure 6.70.13260.0 2008.02.13 Vundo.gen55
Ikarus T3.1.1.20 2008.02.13 Trojan.Vundo.Gen.2
Kaspersky 7.0.0.125 2008.02.13 -
McAfee 5228 2008.02.12 -
Microsoft 1.3204 2008.02.13 -
NOD32v2 2871 2008.02.13 -
Norman 5.80.02 2008.02.12 Vundo.gen55
Panda 9.0.0.4 2008.02.13 -
Prevx1 V2 2008.02.13 Trojan.Vundo
Rising 20.31.10.00 2008.02.13 -
Sophos 4.26.0 2008.02.13 Troj/Virtum-Gen
Sunbelt 2.2.907.0 2008.02.13 -
Symantec 10 2008.02.13 -
TheHacker 6.2.9.218 2008.02.12 -
VBA32 3.12.6.0 2008.02.11 -
VirusBuster 4.3.26:9 2008.02.12 -
Webwasher-Gateway 6.6.2 2008.02.13 Trojan.Vundo.gc
Additional information
File size: 334336 bytes
File winAIdtEM.exe received on 2008.02.14 08:44:43 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.14.11 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 -
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.13 -
AVG 7.5.0.516 2008.02.13 -
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.13 -
ClamAV 0.92 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.13 -
eSafe 7.0.15.0 2008.02.13 -
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.13 -
F-Secure 6.70.13260.0 2008.02.14 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.14 -
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5229 2008.02.13 -
Microsoft 1.3204 2008.02.14 Trojan:Win32/Chksyn.gen!A
NOD32v2 2873 2008.02.13 -
Norman 5.80.02 2008.02.13 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 -
Rising 20.31.10.00 2008.02.13 -
Sophos 4.26.0 2008.02.14 -
Sunbelt 2.2.907.0 2008.02.14 -
Symantec 10 2008.02.14 -
TheHacker 6.2.9.219 2008.02.13 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.13 -
Webwasher-Gateway 6.6.2 2008.02.14 Win32.Malware.gen (suspicious)
Additional information
File size: 7661 bytes
MD5: ad7865025a2723267e197d1ca237828f
SHA1: 496ea693d32877f24205569119ad9aea1ae91d2f
PEiD: -
packers: PE_Patch
File svc32_3.exe received on 2008.02.14 08:39:51 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.14.11 2008.02.14 Win-Trojan/Agent.506952
AntiVir 7.6.0.65 2008.02.14 TR/Dldr.Logsnif.1
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.13 Win32:BZub-KY
AVG 7.5.0.516 2008.02.13 -
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.13 TrojanProxy.Small.it
ClamAV 0.92 2008.02.14 PUA.Packed.UPack-2
DrWeb 4.44.0.09170 2008.02.13 -
eSafe 7.0.15.0 2008.02.13 Suspicious File
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.13 W32/Heuristic-162!Eldorado
F-Secure 6.70.13260.0 2008.02.14 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.14 MalwareScope.Trojan-Spy.BZub.2
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5229 2008.02.13 Proxy-Agent.ai
Microsoft 1.3204 2008.02.14 Trojan:Win32/Dopip.A
NOD32v2 2873 2008.02.13 -
Norman 5.80.02 2008.02.13 W32/Suspicious_U.gen
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 -
Rising 20.31.10.00 2008.02.13 -
Sophos 4.26.0 2008.02.14 Mal/Packer
Sunbelt 2.2.907.0 2008.02.14 VIPRE.Suspicious
Symantec 10 2008.02.14 -
TheHacker 6.2.9.219 2008.02.13 W32/Behav-Heuristic-060
VBA32 3.12.6.1 2008.02.14 MalwareScope.Trojan-Spy.BZub.2
VirusBuster 4.3.26:9 2008.02.13 Packed/Upack
Webwasher-Gateway 6.6.2 2008.02.14 Trojan.Dldr.Logsnif.1
Additional information
File size: 509500 bytes
MD5: 52310f521d47e08b2515df83d9a95446
SHA1: 5e760a864bfa3bc9f6ed50fbe6b68c97611dddeb
PEiD: -
packers: UPack
packers: PE_Patch, UPack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
File 12.exe received on 2008.02.14 08:28:44 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.14.11 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.13 -
AVG 7.5.0.516 2008.02.13 Dropper.Agent.9.Q
BitDefender 7.2 2008.02.14 -
CAT-QuickHeal None 2008.02.13 (Suspicious) - DNAScan
ClamAV 0.92 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.13 -
eSafe 7.0.15.0 2008.02.13 Suspicious File
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.13 -
F-Secure 6.70.13260.0 2008.02.14 -
Ikarus T3.1.1.20 2008.02.14 -
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5229 2008.02.13 -
Microsoft 1.3204 2008.02.14 -
NOD32v2 2873 2008.02.13 -
Norman 5.80.02 2008.02.13 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 -
Rising 20.31.10.00 2008.02.13 -
Sophos 4.26.0 2008.02.14 Sus/UnkPacker
Sunbelt 2.2.907.0 2008.02.14 Trojan.Crypt.XPACK.Gen
Symantec 10 2008.02.14 -
TheHacker 6.2.9.219 2008.02.13 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.13 -
Webwasher-Gateway 6.6.2 2008.02.14 Trojan.Crypt.XPACK.Gen
Additional information
File size: 159744 bytes
MD5: 7ab8773907e5f0ef5d9ceb338dc2b2f8
SHA1: 0ac46a74574f56f188543d16eac8be08b74bcbbd
PEiD: -
File 1.exe received on 2008.02.14 08:25:39 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.14.11 2008.02.14 -
AntiVir 7.6.0.65 2008.02.14 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.13 -
AVG 7.5.0.516 2008.02.13 -
BitDefender 7.2 2008.02.14 Trojan.PWS.LdPinch.TGB
CAT-QuickHeal None 2008.02.13 (Suspicious) - DNAScan
ClamAV 0.92 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.13 -
eSafe 7.0.15.0 2008.02.13 -
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.13 -
F-Secure 6.70.13260.0 2008.02.14 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.14 Trojan-PWS.LDPinch.TGB
Kaspersky 7.0.0.125 2008.02.14 -
McAfee 5229 2008.02.13 -
Microsoft 1.3204 2008.02.14 PWS:Win32/Ldpinch
NOD32v2 2873 2008.02.13 -
Norman 5.80.02 2008.02.13 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 Heuristic: Suspicious File With Outbound Communications
Rising 20.31.10.00 2008.02.13 -
Sophos 4.26.0 2008.02.14 Mal/TibsPak
Sunbelt 2.2.907.0 2008.02.14 Trojan-PWS.LdPinch.TGB
Symantec 10 2008.02.14 -
TheHacker 6.2.9.219 2008.02.13 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.13 -
Webwasher-Gateway 6.6.2 2008.02.14 Trojan.Crypt.XPACK.Gen
Additional information
File size: 45056 bytes
MD5: 1ca8a8b2002437786c84c0688e3daf3d
SHA1: fc4eb32b7ddb15847dfeb6f041a8284532112811
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...2E0700FDC72907
File avz00001.dta received on 2008.02.14 08:15:40 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.14.11 2008.02.14 -
AntiVir 7.6.0.65 2008.02.13 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.02.14 -
Avast 4.7.1098.0 2008.02.13 Win32:Trojan-gen {Other}
AVG 7.5.0.516 2008.02.13 Generic7.HNF
BitDefender 7.2 2008.02.14 Trojan.Spy.Agent.NEB
CAT-QuickHeal None 2008.02.13 Trojan.PolyCrypt.d
ClamAV 0.92 2008.02.14 -
DrWeb 4.44.0.09170 2008.02.13 Trojan.Packed.170
eSafe 7.0.15.0 2008.02.13 -
eTrust-Vet 31.3.5536 2008.02.14 -
Ewido 4.0 2008.02.13 -
FileAdvisor 1 2008.02.14 -
Fortinet 3.14.0.0 2008.02.14 -
F-Prot 4.4.2.54 2008.02.13 W32/Trojan2.PT
F-Secure 6.70.13260.0 2008.02.14 Packed.Win32.PolyCrypt.d
Ikarus T3.1.1.20 2008.02.14 Trojan-Downloader.Win32.Small.cyn
Kaspersky 7.0.0.125 2008.02.14 Packed.Win32.PolyCrypt.d
McAfee 5229 2008.02.13 PolyCrypt-Packed
Microsoft 1.3204 2008.02.14 VirTool:Win32/Obfuscator.O
NOD32v2 2873 2008.02.13 probably a variant of Win32/Obfuscated
Norman 5.80.02 2008.02.13 -
Panda 9.0.0.4 2008.02.14 -
Prevx1 V2 2008.02.14 -
Rising 20.31.10.00 2008.02.13 Trojan.Win32.PolyCrypt.d
Sophos 4.26.0 2008.02.14 Mal/Zbot-A
Sunbelt 2.2.907.0 2008.02.14 VIPRE.Suspicious
Symantec 10 2008.02.14 Infostealer.Notos!gen
TheHacker 6.2.9.219 2008.02.13 Trojan/PolyCrypt.d
VBA32 3.12.6.1 2008.02.14 Trojan.Packed.170
VirusBuster 4.3.26:9 2008.02.13 -
Webwasher-Gateway 6.6.2 2008.02.13 Trojan.Crypt.XPACK.Gen
Additional information
File size: 294127 bytes
MD5: e417ab28f4824d656c8b7f75e097bbf4
SHA1: f34f6eae137e82025492b3345e6ba6165377a1fc
PEiD: -
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
File avz00002.dta received on 2008.02.15 13:06:30 (CET)
Current status: finished
Result: 23/32 (71.88%)
Code:
AhnLab-V3 2008.2.15.11 2008.02.15 Win-Trojan/Agent.506952
AntiVir 7.6.0.65 2008.02.15 TR/Dldr.Logsnif.1
Authentium 4.93.8 2008.02.15 -
Avast 4.7.1098.0 2008.02.14 Win32:BZub-KY
AVG 7.5.0.516 2008.02.15 Downloader.Generic_c.KP
BitDefender 7.2 2008.02.15 Trojan.Agent.AGRM
CAT-QuickHeal None 2008.02.14 TrojanProxy.Small.it
ClamAV 0.92.1 2008.02.15 PUA.Packed.UPack-2
DrWeb 4.44.0.09170 2008.02.15 Trojan.Roro
eSafe 7.0.15.0 2008.02.14 Suspicious File
eTrust-Vet 31.3.5539 2008.02.15 Win32/EtelPWS.A
Ewido 4.0 2008.02.15 -
FileAdvisor 1 2008.02.15 -
Fortinet 3.14.0.0 2008.02.15 -
F-Prot 4.4.2.54 2008.02.14 W32/Heuristic-162!Eldorado
F-Secure 6.70.13260.0 2008.02.15 W32/Agent.EDKM
Ikarus T3.1.1.20 2008.02.15 MalwareScope.Trojan-Spy.BZub.2
Kaspersky 7.0.0.125 2008.02.15 -
McAfee 5230 2008.02.14 Proxy-Agent.ai
Microsoft 1.3204 2008.02.14 Trojan:Win32/Dopip.A
NOD32v2 2878 2008.02.15 Win32/Agent.NIV
Norman 5.80.02 2008.02.14 W32/Agent.EDKM
Panda 9.0.0.4 2008.02.15 -
Prevx1 V2 2008.02.15 -
Rising 20.31.30.00 2008.02.14 -
Sophos 4.26.0 2008.02.15 Mal/Packer
Sunbelt 2.2.907.0 2008.02.14 VIPRE.Suspicious
Symantec 10 2008.02.15 -
TheHacker 6.2.9.220 2008.02.14 W32/Behav-Heuristic-060
VBA32 3.12.6.1 2008.02.14 MalwareScope.Trojan-Spy.BZub.2
VirusBuster 4.3.26:9 2008.02.14 Packed/Upack
Webwasher-Gateway 6.6.2 2008.02.15 Trojan.Dldr.Logsnif.1
File size: 507000 bytes
MD5: a8fa6757b2136fbc730af466101ca952
SHA1: 60af3ae683be74765cc3aaf0fd5c58c63e18dea9
PEiD: -
packers: UPack
packers: PE_Patch, UPack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
File avz00003.dta received on 2008.02.15 13:06:14 (CET)
Current status: finished
Result: 9/32 (28.13%)
Code:
AhnLab-V3 2008.2.15.11 2008.02.15 -
AntiVir 7.6.0.65 2008.02.15 TR/Drop.Age.A.32768
Authentium 4.93.8 2008.02.15 -
Avast 4.7.1098.0 2008.02.14 -
AVG 7.5.0.516 2008.02.15 SHeur.AKAG
BitDefender 7.2 2008.02.15 -
CAT-QuickHeal None 2008.02.14 -
ClamAV 0.92.1 2008.02.15 -
DrWeb 4.44.0.09170 2008.02.15 Trojan.Packed.147
eSafe 7.0.15.0 2008.02.14 -
eTrust-Vet 31.3.5539 2008.02.15 -
Ewido 4.0 2008.02.15 -
FileAdvisor 1 2008.02.15 -
Fortinet 3.14.0.0 2008.02.15 -
F-Prot 4.4.2.54 2008.02.14 -
F-Secure 6.70.13260.0 2008.02.15 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.15 Trojan-Dropper.Age.A.32768
Kaspersky 7.0.0.125 2008.02.15 -
McAfee 5230 2008.02.14 -
Microsoft 1.3204 2008.02.14 -
NOD32v2 2878 2008.02.15 probably unknown NewHeur_PE virus
Norman 5.80.02 2008.02.14 -
Panda 9.0.0.4 2008.02.15 -
Prevx1 V2 2008.02.15 SystemPoser:Trojan-All Variants
Rising 20.31.30.00 2008.02.14 -
Sophos 4.26.0 2008.02.15 -
Sunbelt 2.2.907.0 2008.02.14 Trojan-Dropper.Age.A.3
Symantec 10 2008.02.15 -
TheHacker 6.2.9.220 2008.02.14 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.14 -
Webwasher-Gateway 6.6.2 2008.02.15 Trojan.Drop.Age.A.32768
File size: 32768 bytes
MD5: eedd12ecb28bfc652c39dc6c587e2f2a
SHA1: b15bec428350afcdf4e5f3d5e8fc94c687d56cca
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...0C290077399D8A
File SoftDll.dll received on 2008.02.16 19:08:58 (CET)
Code:
AhnLab-V3 2008.2.16.10 2008.02.15 -
AntiVir 7.6.0.67 2008.02.15 TR/Delphi.Downloader.Gen
Authentium 4.93.8 2008.02.15 -
Avast 4.7.1098.0 2008.02.15 -
AVG 7.5.0.516 2008.02.16 -
BitDefender 7.2 2008.02.16 Win32.Worm.Autoruner.BQ
CAT-QuickHeal None 2008.02.16 -
ClamAV 0.92.1 2008.02.16 -
DrWeb 4.44.0.09170 2008.02.16 Win32.HLLW.Autoruner.279
eSafe 7.0.15.0 2008.02.14 -
eTrust-Vet 31.3.5541 2008.02.15 Win32/VMalum.JZV
Ewido 4.0 2008.02.16 -
FileAdvisor 1 2008.02.16 -
Fortinet 3.14.0.0 2008.02.16 Heuri.E
F-Prot 4.4.2.54 2008.02.15 -
F-Secure 6.70.13260.0 2008.02.15 -
Ikarus T3.1.1.20 2008.02.16 MalwareScope.Worm.Viking.4
Kaspersky 7.0.0.125 2008.02.16 -
McAfee 5231 2008.02.15 PWS-OnlineGames.h
Microsoft 1.3204 2008.02.16 -
NOD32v2 2880 2008.02.15 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.16 Trj/QQPass.QV
Prevx1 V2 2008.02.16 Heuristic: Suspicious File With Bad Parent Associations
Rising 20.31.50.00 2008.02.16 Trojan.Win32.Agent.pox
Sophos 4.26.0 2008.02.16 Mal/Heuri-E
Sunbelt 2.2.907.0 2008.02.16 Worm.Win32.Autoruner.BQ
Symantec 10 2008.02.16 W32.SillyFDC
TheHacker 6.2.9.222 2008.02.16 -
VBA32 3.12.6.1 2008.02.14 Win32.HLLW.Autoruner.279
VirusBuster 4.3.26:9 2008.02.15 -
Webwasher-Gateway 6.6.2 2008.02.15 Trojan.Delphi.Downloader.Gen
File size: 29184 bytes
MD5: 9c1e6e500daac57c58fa103db572cb61
SHA1: 2b57f8c569ecf177aafe6662b8cc757c89da93df
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...CC55001A54505A
Added 42 minutes later
c:\windows\system32\bim\svchost.exe
File avz00005.dta received on 2008.02.16 19:49:30 (CET)
Code:
AhnLab-V3 2008.2.16.10 2008.02.15 -
AntiVir 7.6.0.67 2008.02.15 TR/Delphi.Downloader.Gen
Authentium 4.93.8 2008.02.15 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.1098.0 2008.02.16 Win32:Delf-EQM
AVG 7.5.0.516 2008.02.16 -
BitDefender 7.2 2008.02.16 Dropped:Trojan.Proxy.Fackemo.A
CAT-QuickHeal None 2008.02.16 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.16 -
DrWeb 4.44.0.09170 2008.02.16 DLOADER.Trojan
eSafe 7.0.15.0 2008.02.14 suspicious Trojan/Worm
eTrust-Vet 31.3.5541 2008.02.15 -
Ewido 4.0 2008.02.16 -
FileAdvisor 1 2008.02.16 -
Fortinet 3.14.0.0 2008.02.16 -
F-Prot 4.4.2.54 2008.02.15 W32/Downloader.F.gen!Eldorado
F-Secure 6.70.13260.0 2008.02.15 Suspicious_F.gen.dropper
Ikarus T3.1.1.20 2008.02.16 -
Kaspersky 7.0.0.125 2008.02.16 Heur.Trojan.Generic
McAfee 5231 2008.02.15 -
Microsoft 1.3204 2008.02.16 -
NOD32v2 2880 2008.02.15 -
Norman 5.80.02 2008.02.15 Suspicious_F.gen
Panda 9.0.0.4 2008.02.16 Suspicious file
Prevx1 V2 2008.02.16 -
Rising 20.31.50.00 2008.02.16 -
Sophos 4.26.0 2008.02.16 Mal/Packer
Sunbelt 2.2.907.0 2008.02.16 VIPRE.Suspicious
Symantec 10 2008.02.16 -
TheHacker 6.2.9.222 2008.02.16 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.15 Packed/FSG
Webwasher-Gateway 6.6.2 2008.02.15 Trojan.Delphi.Downloader.Gen
File size: 17257 bytes
MD5: 0e6741e9dafd2c3c1f96e64af0a9743e
SHA1: 95f71cf9f9e9f961381a6b6f6bd0e18450712fa8
PEiD: FSG v2.0 -> bart/xt
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
C:\WINDOWS\system32\sysfldr.dll
File avz00003.dta received on 2008.02.16 19:49:41 (CET)
Code:
AhnLab-V3 2008.2.16.10 2008.02.15 -
AntiVir 7.6.0.67 2008.02.15 BDS/Backdoor.Gen
Authentium 4.93.8 2008.02.15 -
Avast 4.7.1098.0 2008.02.16 -
AVG 7.5.0.516 2008.02.16 -
BitDefender 7.2 2008.02.16 Backdoor.SDBot.DFCV
CAT-QuickHeal None 2008.02.16 -
ClamAV 0.92.1 2008.02.16 -
DrWeb 4.44.0.09170 2008.02.16 -
eSafe 7.0.15.0 2008.02.14 suspicious Trojan/Worm
eTrust-Vet 31.3.5541 2008.02.15 -
Ewido 4.0 2008.02.16 -
FileAdvisor 1 2008.02.16 -
Fortinet 3.14.0.0 2008.02.16 -
F-Prot 4.4.2.54 2008.02.15 -
F-Secure 6.70.13260.0 2008.02.15 -
Ikarus T3.1.1.20 2008.02.16 Trojan-Proxy.Win32.Webber.U
Kaspersky 7.0.0.125 2008.02.16 -
McAfee 5231 2008.02.15 -
Microsoft 1.3204 2008.02.16 -
NOD32v2 2880 2008.02.15 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.16 Suspicious file
Prevx1 V2 2008.02.16 Lop.BG
Rising 20.31.50.00 2008.02.16 -
Sophos 4.26.0 2008.02.16 Mal/Emogen-G
Sunbelt 2.2.907.0 2008.02.16 -
Symantec 10 2008.02.16 -
TheHacker 6.2.9.222 2008.02.16 -
VBA32 3.12.6.1 2008.02.14 -
VirusBuster 4.3.26:9 2008.02.15 -
Webwasher-Gateway 6.6.2 2008.02.15 Trojan.Backdoor.Backdoor.Gen
File size: 14336 bytes
MD5: e284bd5036c382d0d4241c10aaedfed4
SHA1: 7f9faa655a73874fd2325588f5be9ea09d4547c9
PEiD: -
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramte...362500B40A2B8E
Last edited by rubin; 16.02.2008 at 21:59.
Reason: Added
File BACKINF.TAB received on 2008.02.17 22:59:27 (CET)
AhnLab-V3 2008.2.16.10 2008.02.15 -
AntiVir 7.6.0.67 2008.02.15 -
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.17 -
AVG 7.5.0.516 2008.02.17 -
BitDefender 7.2 2008.02.17 Win32.Worm.VB.TB
CAT-QuickHeal None 2008.02.16 -
ClamAV 0.92.1 2008.02.17 -
DrWeb 4.44.0.09170 2008.02.17 Win32.HLLW.Autoruner
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5541 2008.02.15 INF/Cacfu
Ewido 4.0 2008.02.17 -
FileAdvisor 1 2008.02.17 -
Fortinet 3.14.0.0 2008.02.17 -
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.17 BAT/Autorun.O
Ikarus T3.1.1.20 2008.02.17 Worm.Win32.AutoRun.sb
Kaspersky 7.0.0.125 2008.02.17 Worm.Win32.AutoRun.sb
McAfee 5231 2008.02.15 -
Microsoft 1.3204 2008.02.17 -
NOD32v2 2881 2008.02.17 INF/Autorun
Norman 5.80.02 2008.02.15 BAT/Autorun.O
Panda 9.0.0.4 2008.02.17 Trj/Autorun.KZ
Prevx1 V2 2008.02.17 -
Rising 20.31.50.00 2008.02.16 -
Sophos 4.26.0 2008.02.17 Mal/AutoInf-A
Sunbelt 2.2.907.0 2008.02.16 -
Symantec 10 2008.02.17 -
TheHacker 6.2.9.222 2008.02.16 Trojan/Small.autorun
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.17 -
Webwasher-Gateway 6.6.2 2008.02.15 -
Additional information
File size: 99 bytes
MD5: 9a69f8ac723c11800bb3ad8186f2ace2
SHA1: 75f67392687644486c4550faf4e000ddbbb6738e
PEiD: -
File avz00004.dta received on 2008.02.18 16:56:20 (CET)
Code:
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 -
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 -
AVG 7.5.0.516 2008.02.18 Spam
BitDefender 7.2 2008.02.18 Generic.Malware.dld!!.B10C0968
CAT-QuickHeal 9.50 2008.02.16 -
ClamAV 0.92.1 2008.02.18 -
DrWeb 4.44.0.09170 2008.02.18 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.18 -
Ikarus T3.1.1.20 2008.02.18 -
Kaspersky 7.0.0.125 2008.02.18 -
McAfee 5231 2008.02.15 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.17 Suspicious file
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 -
Sunbelt 3.0.884.0 2008.02.18 -
Symantec 10 2008.02.18 -
TheHacker 6.2.9.222 2008.02.16 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.18 Trojan.DL.Wigon.Gen.6
Webwasher-Gateway 6.6.2 2008.02.18 -
File size: 7168 bytes
MD5: 04ddf6bc6c4d382a3a17fc946569634a
SHA1: 81411883f0b8b81f7d80eb26130a125d34cb05ca
PEiD: -
File avz00001.dta received on 2008.02.18 16:57:38 (CET)
Code:
AhnLab-V3 2008.2.18.0 2008.02.18 Win-Trojan/Agent.506952
AntiVir 7.6.0.67 2008.02.18 TR/Dldr.Logsnif.1
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 Win32:BZub-KY
AVG 7.5.0.516 2008.02.18 Downloader.Generic_c.MQ
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.16 TrojanProxy.Small.it
ClamAV 0.92.1 2008.02.18 PUA.Packed.UPack-2
DrWeb 4.44.0.09170 2008.02.18 Trojan.Roro
eSafe 7.0.15.0 2008.02.17 Suspicious File
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.17 W32/Heuristic-162!Eldorado
F-Secure 6.70.13260.0 2008.02.18 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.18 MalwareScope.Trojan-Spy.BZub.2
Kaspersky 7.0.0.125 2008.02.18 -
McAfee 5231 2008.02.15 Proxy-Agent.ai
Microsoft 1.3204 2008.02.18 Trojan:Win32/Dopip.A
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 W32/Suspicious_U.gen
Panda 9.0.0.4 2008.02.17 -
Prevx1 V2 2008.02.18 -
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 Mal/Packer
Sunbelt 3.0.884.0 2008.02.18 VIPRE.Suspicious
Symantec 10 2008.02.18 -
TheHacker 6.2.9.222 2008.02.16 W32/Behav-Heuristic-060
VBA32 3.12.6.1 2008.02.17 MalwareScope.Trojan-Spy.BZub.2
VirusBuster 4.3.26:9 2008.02.18 Packed/Upack
Webwasher-Gateway 6.6.2 2008.02.18 Trojan.Dldr.Logsnif.1
File size: 509512 bytes
MD5: 02a5bc893cbeee7561a9e778b812baa4
SHA1: cac73b45639bcb64f8973e06f77aa6c432251e8b
PEiD: -
packers: UPack
packers: PE_Patch, UPack
File ***.exe received on 2008.02.18 20:33:18 (CET)
Code:
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 HEUR/Crypted
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 -
AVG 7.5.0.516 2008.02.18 PSW.Ldpinch.11.AS
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.16 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.18 -
DrWeb 4.44.0.09170 2008.02.18 Trojan.PWS.LDPinch.1941
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 W32/Basine.C!tr.pws
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.18 LdPinch.gen1
Ikarus T3.1.1.20 2008.02.18 -
Kaspersky 7.0.0.125 2008.02.18 Trojan-PSW.Win32.LdPinch.fvf
McAfee 5232 2008.02.18 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 LdPinch.gen1
Panda 9.0.0.4 2008.02.17 -
Prevx1 V2 2008.02.18 Heuristic: Suspicious Self Modifying File
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 Mal/Basine-C
Sunbelt 3.0.884.0 2008.02.18 VIPRE.Suspicious
Symantec 10 2008.02.18 -
TheHacker 6.2.9.223 2008.02.18 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.18 -
Webwasher-Gateway 6.6.2 2008.02.18 Heuristic.Crypted
File daemon.tools.pro.patch.rar received on 2008.02.19 00:25:22 (CET)
Current status: finished
Result: 8/32 (25%)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 HEUR/Crypted
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 Win32:Horse-BK
AVG 7.5.0.516 2008.02.18 -
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.18 -
ClamAV 0.92.1 2008.02.19 -
DrWeb 4.44.0.09170 2008.02.18 -
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.19 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.18 -
F-Secure 6.70.13260.0 2008.02.18 W32/Malware.AVTN
Ikarus T3.1.1.20 2008.02.18 Backdoor.Pigeon.6620
Kaspersky 7.0.0.125 2008.02.19 -
McAfee 5232 2008.02.18 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2884 2008.02.18 -
Norman 5.80.02 2008.02.18 -
Panda 9.0.0.4 2008.02.18 -
Prevx1 V2 2008.02.19 Heuristic: Suspicious Self Modifying EXE
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 -
Sunbelt 3.0.884.0 2008.02.18 -
Symantec 10 2008.02.18 Trojan Horse
TheHacker 6.2.9.223 2008.02.18 -
VBA32 3.12.6.1 2008.02.17 Backdoor.Win32.Rbot.gnm
VirusBuster 4.3.26:9 2008.02.18 -
Webwasher-Gateway 6.6.2 2008.02.18 Heuristic.Crypted
Additional information
File size: 609821 bytes
MD5: 38da4121a0daa01e09f2c500e58f6eda
SHA1: 115865d5e9b8cc89ae3099a6d047ceb0515e5444
PEiD: -
packers: PecBundle, PECompact
packers: PE_Patch.PECompact, PecBundle, PECompact
Prevx info: http://info.prevx.com/aboutprogramte...49080042E22203
Last edited by ALEX(XX); 19.02.2008 at 12:42.