Исследование антивирусов 6

XL · 12.03.2008, 22:38

Файл avz00001.dta (base***.dll) получен 2008.03.12 20:25:57 (CET)

Код:

AhnLab-V3	2008.3.12.0	2008.03.12	-
AntiVir	7.6.0.73	2008.03.12	HEUR/Crypted
Authentium	4.93.8	2008.03.11	-
Avast	4.7.1098.0	2008.03.11	-
AVG	7.5.0.516	2008.03.12	Agent.QGD
BitDefender	7.2	2008.03.12	Trojan.Agent.AGKK
CAT-QuickHeal	9.50	2008.03.12	Trojan.Agent.fxp
ClamAV	None	2008.03.12	-
DrWeb	4.44.0.09170	2008.03.12	-
eSafe	7.0.15.0	2008.03.09	-
eTrust-Vet	31.3.5608	2008.03.12	-
Ewido	4.0	2008.03.12	-
FileAdvisor	1	2008.03.12	-
Fortinet	3.14.0.0	2008.03.12	-
F-Prot	4.4.2.54	2008.03.11	-
F-Secure	6.70.13260.0	2008.03.12	-
Ikarus	T3.1.1.20	2008.03.12	Trojan.Agent.AGKK
Kaspersky	7.0.0.125	2008.03.12	-
McAfee	5249	2008.03.11	-
Microsoft	1.3301	2008.03.12	Trojan:Win32/Agent.ADH
NOD32v2	2942	2008.03.12	-
Norman	5.80.02	2008.03.12	-
Panda	9.0.0.4	2008.03.12	Suspicious file
Prevx1	V2	2008.03.12	Trojan.DoS.Win32.Opdos
Rising	20.35.22.00	2008.03.12	-
Sophos	4.27.0	2008.03.12	-
Sunbelt	3.0.930.0	2008.03.05	-
Symantec	10	2008.03.12	-
TheHacker	6.2.92.243	2008.03.12	-
VBA32	3.12.6.2	2008.03.05	-
VirusBuster	4.3.26:9	2008.03.12	Trojan.DL.BServ.Gen
Webwasher-Gateway	6.6.2	2008.03.12	Heuristic.Crypted
Дополнительная информация
File size: 24576 bytes
MD5: becadce37a1376c69e76ffc1254b42cc
SHA1: a5ccfe229f1e9a6f88261f875bbcdbc4df3ff7d6

скрипт Ric'а отработал по зверю без нареканий. Спасибо!

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**wise-wistful** · 16.03.2008, 14:08

Файл avz00001.dta получен 2008.03.16 11:45:00 (CET)

Код:

Антивирус	Версия	Обновление	Результат
AhnLab-V3	2008.3.15.0	2008.03.14	-
AntiVir	7.6.0.73	2008.03.14	TR/Crypt.XPACK.Gen
Authentium	4.93.8	2008.03.14	-
Avast	4.7.1098.0	2008.03.16	-
AVG	7.5.0.516	2008.03.15	Generic10.AUV
BitDefender	7.2	2008.03.16	-
CAT-QuickHeal	9.50	2008.03.14	-
ClamAV	0.92.1	2008.03.16	-
DrWeb	4.44.0.09170	2008.03.15	Trojan.Bsod
eSafe	7.0.15.0	2008.03.09	Suspicious File
eTrust-Vet	31.3.5616	2008.03.14	-
Ewido	4.0	2008.03.15	-
F-Prot	4.4.2.54	2008.03.15	-
F-Secure	6.70.13260.0	2008.03.14	-
FileAdvisor	1	2008.03.16	-
Fortinet	3.14.0.0	2008.03.16	-
Ikarus	T3.1.1.20	2008.03.16	Trojan.Crypt.XPACK
Kaspersky	7.0.0.125	2008.03.16	-
McAfee	5252	2008.03.14	-
Microsoft	1.3301	2008.03.16	-
NOD32v2	2949	2008.03.15	-
Norman	5.80.02	2008.03.14	W32/Smalltroj.DITU
Panda	9.0.0.4	2008.03.15	-
Prevx1	V2	2008.03.16	-
Rising	20.35.61.00	2008.03.16	-
Sophos	4.27.0	2008.03.16	-
Sunbelt	3.0.963.0	2008.03.14	-
Symantec	10	2008.03.16	-
TheHacker	6.2.92.247	2008.03.15	-
VBA32	3.12.6.2	2008.03.13	suspected of Trojan-PSW.Pinch.35 (paranoid heuristics)
VirusBuster	4.3.26:9	2008.03.15	-
Webwasher-Gateway	6.6.2	2008.03.14	Trojan.Crypt.XPACK.Gen

Дополнительная информация
File size: 15872 bytes
MD5: 48bd6013ca851b809a144d3f937d91d9
SHA1: a212538f1d4f9828babeb0fb0bc84b8608ff8150
PEiD: -

**wise-wistful** · 17.03.2008, 14:46

Файл avz00001.dta получен 2008.03.17 12:27:30 (CET)

Код:

Антивирус	Версия	Обновление	Результат
AhnLab-V3	2008.3.17.1	2008.03.17	-
AntiVir	7.6.0.73	2008.03.17	-
Authentium	4.93.8	2008.03.14	-
Avast	4.7.1098.0	2008.03.16	Win32:Small-JPM
AVG	7.5.0.516	2008.03.16	-
BitDefender	7.2	2008.03.17	-
CAT-QuickHeal	9.50	2008.03.14	-
ClamAV	0.92.1	2008.03.17	-
DrWeb	4.44.0.09170	2008.03.17	-
eSafe	7.0.15.0	2008.03.09	suspicious Trojan/Worm
eTrust-Vet	31.3.5621	2008.03.17	-
Ewido	4.0	2008.03.16	-
F-Prot	4.4.2.54	2008.03.16	W32/Downloader.F.gen!Eldorado
F-Secure	6.70.13260.0	2008.03.17	-
FileAdvisor	1	2008.03.17	-
Fortinet	3.14.0.0	2008.03.17	-
Ikarus	T3.1.1.20	2008.03.17	Trojan-Spy
Kaspersky	7.0.0.125	2008.03.17	-
McAfee	5252	2008.03.14	-
Microsoft	1.3301	2008.03.16	-
NOD32v2	2952	2008.03.17	-
Norman	5.80.02	2008.03.17	-
Panda	9.0.0.4	2008.03.16	-
Rising	20.36.02.00	2008.03.17	-
Sophos	4.27.0	2008.03.17	Sus/Dropper-A
Sunbelt	3.0.963.0	2008.03.14	-
Symantec	10	2008.03.17	-
TheHacker	6.2.92.247	2008.03.15	-
VBA32	3.12.6.2	2008.03.16	Trojan-Downloader.Win32.Agent.ktg
VirusBuster	4.3.26:9	2008.03.16	-
Webwasher-Gateway	6.6.2	2008.03.17	-

Дополнительная информация
File size: 40960 bytes
MD5: 4ab1fea4cf5d2cce81a79f1b6ba1432f
SHA1: 09b463e051dc93b6c62ccbe98d0adda7b885df4f
PEiD: UPX 2.93 - 3.00 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
packers: UPX_LZMA

**Numb** · 17.03.2008, 18:15

Файл avz00001.dta получен 2008.03.17 15:47:04 (CET)
Оригинальное имя - C:\WINDOWS\svchost.exe

Код:

Антивирус	Версия	Обновление	Результат
AhnLab-V3	2008.3.18.0	2008.03.17	-
AntiVir	7.6.0.73	2008.03.17	-
Authentium	4.93.8	2008.03.14	-
Avast	4.7.1098.0	2008.03.16	-
AVG	7.5.0.516	2008.03.17	-
BitDefender	7.2	2008.03.17	BehavesLike:Trojan.StartPage
CAT-QuickHeal	9.50	2008.03.14	-
ClamAV	0.92.1	2008.03.17	-
DrWeb	4.44.0.09170	2008.03.17	Trojan.StartPage.origin
eSafe	7.0.15.0	2008.03.09	-
eTrust-Vet	31.3.5621	2008.03.17	-
Ewido	4.0	2008.03.17	-
F-Prot	4.4.2.54	2008.03.16	W32/StartPage.A.gen!Eldorado
F-Secure	6.70.13260.0	2008.03.17	W32/Malware
FileAdvisor	1	2008.03.17	-
Fortinet	3.14.0.0	2008.03.17	-
Ikarus	T3.1.1.20	2008.03.17	Trojan-Spy.Win32.Delf.gd
Kaspersky	7.0.0.125	2008.03.17	Heur.StartPage
McAfee	5252	2008.03.14	Generic StartPage
Microsoft	1.3301	2008.03.16	-
NOD32v2	2953	2008.03.17	a variant of Win32/StartPage
Norman	5.80.02	2008.03.17	W32/Malware
Panda	9.0.0.4	2008.03.16	Suspicious file
Prevx1	V2	2008.03.17	-
Rising	20.36.02.00	2008.03.17	-
Sophos	4.27.0	2008.03.17	Mal/DownLdr-O
Sunbelt	3.0.963.0	2008.03.14	-
Symantec	10	2008.03.17	Adware.MainSearch
TheHacker	6.2.92.247	2008.03.15	Trojan/StartPageAI
VBA32	3.12.6.2	2008.03.16	-
VirusBuster	4.3.26:9	2008.03.17	-
Webwasher-Gateway	6.6.2	2008.03.17	-

Дополнительная информация
File size: 25600 bytes
MD5: 48b2151f6a39851c34d27fe0b613013d
SHA1: 27f5adc91af9c278291289982b2bc3bedb3d7572
PEiD: -

**PavelA** · 18.03.2008, 14:12

из раздела "Помогите!"
Файл avz00001.dta получен 2008.03.18 10:58:40 (CET)Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.18.1 2008.03.18 -
AntiVir 7.6.0.73 2008.03.18 -
Authentium 4.93.8 2008.03.18 Possibly a new variant of W32/Swizzor-based!Maximus
Avast 4.7.1098.0 2008.03.18 -
AVG 7.5.0.516 2008.03.17 -
BitDefender 7.2 2008.03.18 -
CAT-QuickHeal 9.50 2008.03.14 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.03.18 -
DrWeb 4.44.0.09170 2008.03.18 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5623 2008.03.17 -
Ewido 4.0 2008.03.17 -
FileAdvisor 1 2008.03.18 -
Fortinet 3.14.0.0 2008.03.17 -
F-Prot 4.4.2.54 2008.03.18 W32/Swizzor-based!Maximus
F-Secure 6.70.13260.0 2008.03.18 Trojan-Downloader.Win32.Agent.lkt
Ikarus T3.1.1.20 2008.03.18 -
Kaspersky 7.0.0.125 2008.03.18 Trojan-Downloader.Win32.Agent.lkt
McAfee 5253 2008.03.17 -
Microsoft 1.3301 2008.03.18 -
NOD32v2 2954 2008.03.18 -
Norman 5.80.02 2008.03.17 -
Panda 9.0.0.4 2008.03.17 -
Prevx1 V2 2008.03.18 -
Rising 20.36.10.00 2008.03.18 -
Sophos 4.27.0 2008.03.18 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.18 -
TheHacker 6.2.92.248 2008.03.17 -
VBA32 3.12.6.3 2008.03.17 -
VirusBuster 4.3.26:9 2008.03.17 Trojan.DL.Swizzor.Gen!Pac.2
Webwasher-Gateway 6.6.2 2008.03.18 -

Дополнительная информация
File size: 489984 bytes
MD5: c64df13b4e78f58fa8791b26118884cf
SHA1: b59f0a0c9bfa6d0dbca7aa751e1e0c843e78b930
PEiD: Armadillo v1.71

**Биомеханик** · 18.03.2008, 22:06

Ещё парочку.

[ file data ]
* name: avz00071.rar
* size: 299027
* md5.: 2faa9b85ac14c75efa1ef78c5eb6c526
* sha1: eb1ed479da4a6655e4d0c92f919e2ff146fb08d4
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Agent.htt]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [Generic10.AEI]
BitDefender 7.2/20080318 found nothing
CAT-QuickHeal 9.50/20080314 found [Trojan.Agent.htt]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.50133]
eSafe 7.0.15.0/20080309 found [suspicious Trojan/Worm]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found [W32/Trojan2.AFRT]
F-Secure 6.70.13260.0/20080318 found [Trojan.Win32.Agent.htt]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found [W32/Agent.HTT!tr]
Ikarus T3.1.1.20/20080318 found [Virus.Trojan.Win32.Agent.htt]
Kaspersky 7.0.0.125/20080318 found [Trojan.Win32.Agent.htt]
McAfee 5253/20080317 found nothing
Microsoft 1.3301/20080318 found nothing
NOD32v2 2956/20080318 found [Win32/Agent.HTT]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found nothing
Prevx1 V2/20080318 found [Trojan.DoS.Win32.Opdos]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Mal/Generic-A]
Sunbelt 3.0.978.0/20080318 found nothing
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found [Trojan/Agent.htt]
VBA32 3.12.6.3/20080317 found [Trojan.Win32.Agent.htt]
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Agent.htt]

[ notes ]
Prevx info: http://info.prevx.com/aboutprogramte...9F8F00E0322B91

[ file data ]
* name: avz00001.rar
* size: 28320
* md5.: f9ee56154b883084b091e316c23d05ea
* sha1: 05caca99a2320bf33c6b365672cbf6d7ad1a9d27
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Dldr.Ag.29696.A]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [Clicker.LYW]
BitDefender 7.2/20080318 found [Generic.Dld.HotLan.E167D5FD]
CAT-QuickHeal 9.50/20080314 found [TrojanClicker.Agent.lt]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.origin]
eSafe 7.0.15.0/20080309 found [suspicious Trojan/Worm]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found [Hijacker.Agent.lt]
F-Prot 4.4.2.54/20080318 found [W32/Trojan2.AEJY]
F-Secure 6.70.13260.0/20080318 found [Trojan-Clicker.Win32.Agent.lt]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found [Adware/Dloader]
Ikarus T3.1.1.20/20080318 found [Trojan-Clicker.Win32.Agent.lt]
Kaspersky 7.0.0.125/20080318 found [Trojan-Clicker.Win32.Agent.lt]
McAfee 5253/20080317 found [Downloader-BAR]
Microsoft 1.3301/20080318 found [TrojanDownloader:Win32/Slupim.A]
NOD32v2 2956/20080318 found [probably a variant of Win32/TrojanDownloader.Agent.BER]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Suspicious file]
Prevx1 V2/20080318 found [TROJAN.SOBAR]
Rising 20.36.11.00/20080318 found [Trojan.Clicker.Win32.Agent.lt]
Sophos 4.27.0/20080318 found [Troj/Slupim-Gen]
Sunbelt 3.0.978.0/20080318 found [Trojan-Clicker.Win32.Agent.lt]
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found [Trojan/Clicker.Agent.lt]
VBA32 3.12.6.3/20080317 found [Trojan-Clicker.Win32.Agent.lt]
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Dldr.Ag.29696.A]

[ notes ]
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramte...E9CE0096B2A598

[ file data ]
* name: avz00013.rar
* size: 86221
* md5.: 823057474ef1e51121b455dd34851685
* sha1: 445d87aef77633ca4f07886b527b23d1d93e2f1e
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Rootkit.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found [Win32:Srizbi]
AVG 7.5.0.516/20080318 found [Generic10.BP]
BitDefender 7.2/20080318 found [Trojan.Srizbi.AX]
CAT-QuickHeal 9.50/20080314 found [Trojan.Srizbi.a]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.Sentinel]
eSafe 7.0.15.0/20080309 found nothing
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found [Trojan.Srizbi.j]
F-Prot 4.4.2.54/20080318 found [W32/Trojan2.UOG]
F-Secure 6.70.13260.0/20080318 found [Trojan.Win32.Srizbi.j]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Rootkit.Win32.Agent.ea]
Kaspersky 7.0.0.125/20080318 found [Trojan.Win32.Srizbi.j]
McAfee 5253/20080317 found [Srizbi.sys]
Microsoft 1.3301/20080318 found [Trojan:Win32/Srizbi.gen]
NOD32v2 2956/20080318 found [Win32/Agent.NRK]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Rootkit/Agent.IGL]
Prevx1 V2/20080318 found [TROJAN.ROOTKIT.I]
Rising 20.36.11.00/20080318 found [Trojan.Win32.Undef.czb]
Sophos 4.27.0/20080318 found [Troj/RKAgen-Fam]
Sunbelt 3.0.978.0/20080318 found [Trojan.Srizbi.AX]
Symantec 10/20080318 found [Trojan.Srizbi]
TheHacker 6.2.92.248/20080317 found [Trojan/Srizbi.j]
VBA32 3.12.6.3/20080317 found [Trojan.Win32.Srizbi.j]
VirusBuster 4.3.26:9/20080317 found [Rootkit.Srizbi.Gen]
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Rootkit.Gen]

[ notes ]
Prevx info: http://info.prevx.com/aboutprogramte...FB1D008FCC2009

[ file data ]
* name: avz00005.rar
* size: 13804
* md5.: 152087726706f38791a898abe16d2eff
* sha1: 951eae296253f0f631741f51cd0c4318844050b1
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Crypt.XDR.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found [Win32:Agent-OLI]
AVG 7.5.0.516/20080318 found [Downloader.Agent.ACTH]
BitDefender 7.2/20080318 found nothing
CAT-QuickHeal 9.50/20080314 found [TrojanDownloader.Small.ius]
ClamAV 0.92.1/20080318 found [Trojan.Downloader-26038]
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.49953]
eSafe 7.0.15.0/20080309 found [suspicious Trojan/Worm]
eTrust-Vet 31.3.5621/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found nothing
F-Secure 6.70.13260.0/20080318 found [Trojan-Downloader.Win32.Small.ius]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found [W32/Heuri.D!tr.dldr]
Ikarus T3.1.1.20/20080318 found [Virus.Win32.Agent.OLI]
Kaspersky 7.0.0.125/20080318 found [Trojan-Downloader.Win32.Small.ius]
McAfee 5253/20080317 found [Downloader.gen.a]
Microsoft 1.3301/20080318 found [Backdoor:Win32/Koceg.gen!A]
NOD32v2 2956/20080318 found [Win32/TrojanDownloader.Small.IUS]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Trj/Downloader.SXH]
Rising 20.36.11.00/20080318 found [Trojan.Win32.Undef.dtm]
Sophos 4.27.0/20080318 found [Mal/Heuri-D]
Sunbelt 3.0.978.0/20080318 found nothing
Symantec 10/20080318 found [Backdoor.Paproxy]
TheHacker 6.2.92.248/20080317 found [Trojan/Downloader.Small.ius]
VBA32 3.12.6.3/20080317 found [Trojan-Downloader.Win32.Small.ius]
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Crypt.XDR.Gen]

[ notes ]
packers: UPX
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX

[ file data ]
* name: avz00017.rar
* size: 86079
* md5.: b38d52437c8a02e9188418860ac3b1cb
* sha1: b9aeaf15847b34399570518606ea7ad9358d659f
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Rootkit.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found [Win32:Srizbi]
AVG 7.5.0.516/20080318 found [BackDoor.Generic9.WQY]
BitDefender 7.2/20080318 found [Trojan.Srizbi.AX]
CAT-QuickHeal 9.50/20080314 found [Trojan.Srizbi.a]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.Sentinel]
eSafe 7.0.15.0/20080309 found nothing
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found [Trojan.Srizbi.j]
F-Prot 4.4.2.54/20080318 found [W32/Trojan2.UOG]
F-Secure 6.70.13260.0/20080318 found [Rootkit.Win32.Agent.adm]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Rootkit.Win32.Agent.ea]
Kaspersky 7.0.0.125/20080318 found [Rootkit.Win32.Agent.adm]
McAfee 5253/20080317 found [Srizbi.sys]
Microsoft 1.3301/20080318 found [Trojan:Win32/Srizbi.gen]
NOD32v2 2956/20080318 found [Win32/Agent.NRK]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Rootkit/Agent.IGL]
Prevx1 V2/20080318 found [TROJAN.ROOTKIT.I]
Rising 20.36.11.00/20080318 found [Trojan.Win32.Undef.czb]
Sophos 4.27.0/20080318 found [Troj/RKAgen-Fam]
Sunbelt 3.0.978.0/20080318 found [Trojan.Srizbi.AX]
Symantec 10/20080318 found [Trojan.Srizbi]
TheHacker 6.2.92.248/20080317 found [Trojan/Agent.adm]
VBA32 3.12.6.3/20080317 found [Rootkit.Win32.Agent.adm]
VirusBuster 4.3.26:9/20080317 found [Rootkit.Srizbi.Gen]
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Rootkit.Gen]

[ notes ]
Prevx info: http://info.prevx.com/aboutprogramte...FB1D0071F9F28C

[ file data ]
* name: avz00002.rar
* size: 40959
* md5.: 4e299868bf1e56329fb5f6524041fe87
* sha1: 683b42223eb46c7cbb6a4cfdf367a91a9ee7df1a
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Drop.Agent.snu]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found [Win32:Agent-OLI]
AVG 7.5.0.516/20080318 found [Downloader.Agent.ACTH]
BitDefender 7.2/20080318 found nothing
CAT-QuickHeal 9.50/20080314 found [TrojanDownloader.Small.ius]
ClamAV 0.92.1/20080318 found [Trojan.Downloader-26038]
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.49953]
eSafe 7.0.15.0/20080309 found [suspicious Trojan/Worm]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found nothing
F-Secure 6.70.13260.0/20080318 found [Trojan-Downloader.Win32.Small.ius]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Virus.Win32.Agent.OLI]
Kaspersky 7.0.0.125/20080318 found [Trojan-Downloader.Win32.Small.ius]
McAfee 5253/20080317 found [Downloader.gen.a]
Microsoft 1.3301/20080318 found [Backdoor:Win32/Koceg.gen!A]
NOD32v2 2956/20080318 found [Win32/TrojanDownloader.Small.IUS]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Trj/Downloader.SXH]
Prevx1 V2/20080318 found [Downloader.Agent.ACTH]
Rising 20.36.11.00/20080318 found [Trojan.Win32.Undef.dtm]
Sophos 4.27.0/20080318 found [Mal/Heuri-D]
Sunbelt 3.0.978.0/20080318 found nothing
Symantec 10/20080318 found [Backdoor.Paproxy]
TheHacker 6.2.92.248/20080317 found [Trojan/Downloader.Small.ius]
VBA32 3.12.6.3/20080317 found [Trojan-Downloader.Win32.Small.ius]
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Drop.Agent.snu]

[ notes ]
packers: UPX
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: http://info.prevx.com/aboutprogramte...152E00712BFE69

[ file data ]
* name: avz00006.rar
* size: 145044
* md5.: d1d51615f8918b24a174eca57d3c7f6d
* sha1: a6d17d5d444bba7f4785eaa5d045d8776dd8539e
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Pakes.chf]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [Generic10.BKJ]
BitDefender 7.2/20080318 found [Trojan.Srizbi.BN]
CAT-QuickHeal 9.50/20080314 found [Trojan.Pakes.chf]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found nothing
eSafe 7.0.15.0/20080309 found [Suspicious File]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found [W32/Trojan2.ACEG]
F-Secure 6.70.13260.0/20080318 found [Trojan.Win32.Pakes.chf]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Trojan.Srizbi.BN]
Kaspersky 7.0.0.125/20080318 found [Trojan.Win32.Pakes.chf]
McAfee 5253/20080317 found nothing
Microsoft 1.3301/20080318 found nothing
NOD32v2 2956/20080318 found nothing
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found nothing
Prevx1 V2/20080318 found [Trojan.DoS.Win32.Opdos]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Mal/EncPk-CK]
Sunbelt 3.0.978.0/20080318 found nothing
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found [Trojan/Pakes.chf]
VBA32 3.12.6.3/20080317 found [Trojan.Win32.Pakes.chf]
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Pakes.chf]

[ notes ]
Prevx info: http://info.prevx.com/aboutprogramte...213800E11080A8

Добавлено через 59 минут

Ещё

[ file data ]
* name: avz00016.rar
* size: 8507
* md5.: 853f9fdd79ba1857586417ce2ca60e3b
* sha1: 86693daa8c1c664ae50da177aab7487463af236c
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Qhost.Aes.19]
Authentium 4.93.8/20080318 found [Possibly a new variant of W32/Blocker-based!Maximus]
Avast 4.7.1098.0/20080318 found [Win32:Agent-OYI]
AVG 7.5.0.516/20080318 found [Downloader.Small.60.P]
BitDefender 7.2/20080318 found [Trojan.FakeAlert.PL]
CAT-QuickHeal 9.50/20080314 found [Trojan.Qhost.aes]
ClamAV 0.92.1/20080318 found [Trojan.Fakealert-85]
DrWeb 4.44.0.09170/20080318 found [Trojan.Fakealert.443]
eSafe 7.0.15.0/20080309 found [Win32.Qhost.aes]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found [Trojan.Qhost.aes]
F-Prot 4.4.2.54/20080318 found [W32/Blocker-based!Maximus]
F-Secure 6.70.13260.0/20080318 found [Trojan.Win32.Qhost.aes]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found [W32/Qhost.AES!tr]
Ikarus T3.1.1.20/20080318 found [not-a-virus:Hoax.Win32.Renos.aqn]
Kaspersky 7.0.0.125/20080318 found [Trojan.Win32.Qhost.aes]
McAfee 5253/20080317 found [Downloader-BHL]
Microsoft 1.3301/20080318 found [Trojan:Win32/Wantvi.C]
NOD32v2 2956/20080318 found [Win32/TrojanDownloader.FakeAlert.G]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Adware/VirusAlarma]
Prevx1 V2/20080318 found [Downloader.Small.60.P]
Rising 20.36.11.00/20080318 found [Trojan.Win32.QHost.aew]
Sophos 4.27.0/20080318 found [Mal/Emogen-G]
Sunbelt 3.0.978.0/20080318 found [Trojan.FakeAlert]
Symantec 10/20080318 found [Downloader.MisleadApp]
TheHacker 6.2.92.248/20080317 found [Trojan/Qhost.aes]
VBA32 3.12.6.3/20080317 found [Trojan.Win32.Qhost.aes]
VirusBuster 4.3.26:9/20080317 found [Trojan.Small.ADIF]
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Qhost.Aes.19]

[ notes ]
packers: UPX
packers: UPX
packers: UPX
packers: UPX
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=62EF118E002E746626BC00949 D384F00AA004B01

[ file data ]
* name: avz00158.rar
* size: 17651
* md5.: ffaba082255b020b4d589038cff366f9
* sha1: f881a3d141d2232f1cf61bdd8c711c55476cf69b
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Dropper.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [Dropper.Generic.WHV]
BitDefender 7.2/20080318 found nothing
CAT-QuickHeal 9.50/20080314 found [(Suspicious) - DNAScan]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found nothing
eSafe 7.0.15.0/20080309 found [Suspicious File]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found nothing
F-Secure 6.70.13260.0/20080318 found nothing
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Trojan-Clicker.Win32.Small.BG]
Kaspersky 7.0.0.125/20080318 found [Trojan-Clicker.Win32.Agent.wd]
McAfee 5253/20080317 found nothing
Microsoft 1.3301/20080318 found nothing
NOD32v2 2956/20080318 found nothing
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Suspicious file]
Prevx1 V2/20080318 found [E404Bho:Adware-a]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Mal/Generic-A]
Sunbelt 3.0.978.0/20080318 found nothing
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found nothing
VBA32 3.12.6.3/20080317 found nothing
VirusBuster 4.3.26:9/20080317 found nothing
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Dropper.Gen]

[ notes ]
packers: embedded, PecBundle, PECompact
packers: PE_Patch.PECompact, PecBundle, PECompact, PE_Patch.PECompact, PecBundle, PECompact
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=3B89D88400329A8B4ECE00330 B164600CB55783D

[ file data ]
* name: avz00010.rar
* size: 12477
* md5.: ac601de0dd58a7e21b939bb30c0f0f36
* sha1: 7cac0d5048bd06bc6822b1d927164452d67d95c0
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [WORM/Zhelatin.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [I-Worm/Nuwar.N]
BitDefender 7.2/20080318 found [Trojan.Peed.JAL]
CAT-QuickHeal 9.50/20080314 found [Win32.Trojan-Downloader.Tibs.qt.4]
ClamAV 0.92.1/20080318 found [Trojan.Peed-154]
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.19256]
eSafe 7.0.15.0/20080309 found [Suspicious File]
eTrust-Vet 31.3.5621/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found [W32/Tibs.L.gen!Eldorado]
F-Secure 6.70.13260.0/20080318 found [Trojan-Downloader.Win32.Tibs.vz]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Trojan-Downloader.Win32.Tibs.vz]
Kaspersky 7.0.0.125/20080318 found [Trojan-Downloader.Win32.Tibs.vz]
McAfee 5253/20080317 found nothing
Microsoft 1.3301/20080318 found [Trojan:Win32/Tibs.FS]
NOD32v2 2956/20080318 found nothing
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Trj/Alanchum.XH]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Mal/EncPk-CS]
Sunbelt 3.0.978.0/20080318 found [Storm.Worm]
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found [Trojan/Downloader.Tibs.vz]
VBA32 3.12.6.3/20080317 found [Trojan.Win32.Zhelatin]
VirusBuster 4.3.26:9/20080317 found [Trojan.Tibs.Gen!Pac.G]
Webwasher-Gateway 6.6.2/20080318 found [Worm.Zhelatin.Gen]

Добавлено через 2 часа 27 минут

И ещё

Complete scanning result of "avz00019.rar", processed in VirusTotal at 03/18/2008 13:50:21 (CET).

[ file data ]
* name: avz00019.rar
* size: 7888
* md5.: e4f5b71c1d3b6a60b3bce13fe5600614
* sha1: 6efb19c3eb1c4f61825267f2fd0d97ac7d550c26
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [WORM/Zhelatin.Gen]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found nothing
AVG 7.5.0.516/20080318 found [I-Worm/Nuwar.N]
BitDefender 7.2/20080318 found [Trojan.Peed.JBL]
CAT-QuickHeal 9.50/20080314 found [Win32.Email-Worm.Zhelatin.vy.4]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.Packed.375]
eSafe 7.0.15.0/20080309 found [Suspicious File]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found nothing
F-Prot 4.4.2.54/20080318 found [W32/Tibs.K.gen!Eldorado]
F-Secure 6.70.13260.0/20080318 found [Email-Worm.Win32.Zhelatin.vz]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found [W32/Tibs.VZ@mm]
Ikarus T3.1.1.20/20080318 found [Email-Worm.Win32.Zhelatin.vz]
Kaspersky 7.0.0.125/20080318 found [Email-Worm.Win32.Zhelatin.vz]
McAfee 5253/20080317 found nothing
Microsoft 1.3301/20080318 found [Trojan:Win32/Tibs.FT]
NOD32v2 2956/20080318 found [Win32/Nuwar.Gen]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found nothing
Prevx1 V2/20080318 found [Trojan.VXGAME]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Mal/TibsPk-A]
Sunbelt 3.0.978.0/20080318 found [Trojan.Vxgame.z]
Symantec 10/20080318 found nothing
TheHacker 6.2.92.248/20080317 found [W32/Zhelatin.vz]
VBA32 3.12.6.3/20080317 found [Email-Worm.Win32.Zhelatin.vz]
VirusBuster 4.3.26:9/20080317 found [Trojan.Tibs.Gen!Pac.G]
Webwasher-Gateway 6.6.2/20080318 found [Worm.Zhelatin.Gen]

[ notes ]
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=FC6B8267FC572072312D00829 B6F580043DBE32D

Complete scanning result of "avz00182.rar", processed in VirusTotal at 03/18/2008 13:39:32 (CET).

[ file data ]
* name: avz00182.rar
* size: 3138
* md5.: e43cedfda049055fe7c68fab4867b2ae
* sha1: e54903d251194fa330cf73ee09352bcc78fd90b2
* peid..: -

[ scan result ]
AhnLab-V3 2008.3.18.1/20080318 found nothing
AntiVir 7.6.0.73/20080318 found [TR/Dldr.Tiny.agx.2]
Authentium 4.93.8/20080318 found nothing
Avast 4.7.1098.0/20080318 found [Win32:Blindeye]
AVG 7.5.0.516/20080318 found [Downloader.Generic6.AMDQ]
BitDefender 7.2/20080318 found [Trojan.Downloader.Tipikit.E]
CAT-QuickHeal 9.50/20080314 found [TrojanDownloader.Winlagons.ak]
ClamAV 0.92.1/20080318 found nothing
DrWeb 4.44.0.09170/20080318 found [Trojan.DownLoader.origin]
eSafe 7.0.15.0/20080309 found [suspicious Trojan/Worm]
eTrust-Vet 31.3.5623/20080317 found nothing
Ewido 4.0/20080318 found [Downloader.Winlagons.ak]
F-Prot 4.4.2.54/20080318 found [W32/OnlineGames.W.gen!Eldorado]
F-Secure 6.70.13260.0/20080318 found [Trojan-Downloader.Win32.Winlagons.ak]
FileAdvisor 1/20080318 found nothing
Fortinet 3.14.0.0/20080317 found nothing
Ikarus T3.1.1.20/20080318 found [Virus.Win32.Blindeye]
Kaspersky 7.0.0.125/20080318 found [Trojan-Downloader.Win32.Winlagons.ak]
McAfee 5253/20080317 found [Downloader.gen.a]
Microsoft 1.3301/20080318 found nothing
NOD32v2 2956/20080318 found [a variant of Win32/TrojanDownloader.Tiny.NJ]
Norman 5.80.02/20080318 found nothing
Panda 9.0.0.4/20080317 found [Trj/Downloader.SXP]
Prevx1 V2/20080318 found [TROJAN.MKTROJAN.A]
Rising 20.36.11.00/20080318 found nothing
Sophos 4.27.0/20080318 found [Troj/Tipiki-Gen]
Sunbelt 3.0.978.0/20080318 found [VIPRE.Suspicious]
Symantec 10/20080318 found [Downloader]
TheHacker 6.2.92.248/20080317 found [Trojan/Downloader.Winlagons.ak]
VBA32 3.12.6.3/20080317 found [Trojan-Downloader.Win32.Winlagons.ak]
VirusBuster 4.3.26:9/20080317 found [Packed/FSG]
Webwasher-Gateway 6.6.2/20080318 found [Trojan.Dldr.Tiny.agx.2]

[ notes ]
packers: FSG
packers: FSG
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=CB262748E50A1E060CE500032 AF2DE00B79BCD14

Добавлено через 57 минут

Antivirus Version Last Update Result
AhnLab-V3 2008.3.18.1 2008.03.18 -
AntiVir 7.6.0.75 2008.03.18 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.03.18 -
Avast 4.7.1098.0 2008.03.18 -
AVG 7.5.0.516 2008.03.18 -
BitDefender 7.2 2008.03.18 MemScan:Trojan.Spy.Wsnpoem.AK
CAT-QuickHeal 9.50 2008.03.14 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.03.18 Trojan.Crypted-13
DrWeb 4.44.0.09170 2008.03.18 -
eSafe 7.0.15.0 2008.03.18 -
eTrust-Vet 31.3.5623 2008.03.17 -
Ewido 4.0 2008.03.18 -
F-Prot 4.4.2.54 2008.03.18 -
F-Secure 6.70.13260.0 2008.03.18 Trojan-Spy.Win32.Zbot.amj
FileAdvisor 1 2008.03.18 -
Fortinet 3.14.0.0 2008.03.17 -
Ikarus T3.1.1.20 2008.03.18 -
Kaspersky 7.0.0.125 2008.03.18 Trojan-Spy.Win32.Zbot.amj
McAfee 5254 2008.03.18 -
Microsoft 1.3301 2008.03.18 -
NOD32v2 2957 2008.03.18 -
Norman 5.80.02 2008.03.18 -
Panda 9.0.0.4 2008.03.17 -
Rising 20.36.12.00 2008.03.18 -
Sophos 4.27.0 2008.03.18 Mal/Zbot-A
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.18 Infostealer.Notos!gen
TheHacker 6.2.92.248 2008.03.17 -
VBA32 3.12.6.3 2008.03.17 Trojan-Spy.Win32.Bancos.aam
VirusBuster 4.3.26:9 2008.03.18 -
Webwasher-Gateway 6.6.2 2008.03.18 Trojan.Crypt.XPACK.Gen
Additional information
File size: 396548 bytes
MD5: 98c0f6602b85a9de339a4cfd7b256494
SHA1: e7aeefe603d05359c3497421acc83644557575ad
PEiD: -

Добавлено через 1 минуту

Antivirus Version Last Update Result
AhnLab-V3 2008.3.18.1 2008.03.18 -
AntiVir 7.6.0.75 2008.03.18 TR/Pakes.cif
Authentium 4.93.8 2008.03.18 -
Avast 4.7.1098.0 2008.03.18 -
AVG 7.5.0.516 2008.03.18 SHeur.AXVA
BitDefender 7.2 2008.03.18 Trojan.Srizbi.BP
CAT-QuickHeal 9.50 2008.03.14 Trojan.Pakes.cif
ClamAV 0.92.1 2008.03.18 -
DrWeb 4.44.0.09170 2008.03.18 Trojan.Sentinel
eSafe 7.0.15.0 2008.03.18 Win32.Pakes.cif
eTrust-Vet 31.3.5623 2008.03.17 -
Ewido 4.0 2008.03.18 -
F-Prot 4.4.2.54 2008.03.18 -
F-Secure 6.70.13260.0 2008.03.18 Trojan.Win32.Pakes.cif
FileAdvisor 1 2008.03.18 -
Fortinet 3.14.0.0 2008.03.17 W32/Pakes.CIF!tr
Ikarus T3.1.1.20 2008.03.18 Virus.Trojan.Win32.Pakes.cif
Kaspersky 7.0.0.125 2008.03.18 Trojan.Win32.Pakes.cif
McAfee 5254 2008.03.18 -
Microsoft 1.3301 2008.03.18 -
NOD32v2 2957 2008.03.18 -
Norman 5.80.02 2008.03.18 -
Panda 9.0.0.4 2008.03.17 -
Prevx1 V2 2008.03.18 Trojan.DoS.Win32.Opdos
Rising 20.36.12.00 2008.03.18 -
Sophos 4.27.0 2008.03.18 Mal/EncPk-CK
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.18 Trojan.Srizbi
TheHacker 6.2.92.248 2008.03.17 Trojan/Pakes.cif
VBA32 3.12.6.3 2008.03.17 Trojan.Win32.Pakes.cif
VirusBuster 4.3.26:9 2008.03.18 -
Webwasher-Gateway 6.6.2 2008.03.18 Trojan.Pakes.cif
Additional information
File size: 134511 bytes
MD5: 1de80de6156c7b23534182100538f909
SHA1: dba416dd67c4d8692dfe0ff78a354842df4be71b
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...6CC300AC9DABA2

Добавлено через 1 минуту

Antivirus Version Last Update Result
AhnLab-V3 2008.3.18.1 2008.03.18 -
AntiVir 7.6.0.75 2008.03.18 TR/Agent.hqy
Authentium 4.93.8 2008.03.18 -
Avast 4.7.1098.0 2008.03.18 -
AVG 7.5.0.516 2008.03.18 Agent.QWY
BitDefender 7.2 2008.03.18 Trojan.Agent.AHGT
CAT-QuickHeal 9.50 2008.03.14 -
ClamAV 0.92.1 2008.03.18 -
DrWeb 4.44.0.09170 2008.03.18 -
eSafe 7.0.15.0 2008.03.18 Win32.Agent.hqy
eTrust-Vet 31.3.5623 2008.03.17 -
Ewido 4.0 2008.03.18 -
F-Prot 4.4.2.54 2008.03.18 -
F-Secure 6.70.13260.0 2008.03.18 Trojan.Win32.Agent.hqy
FileAdvisor 1 2008.03.18 -
Fortinet 3.14.0.0 2008.03.17 W32/Agent.HQY!tr
Ikarus T3.1.1.20 2008.03.18 Virus.Trojan.Win32.Agent.hqy
Kaspersky 7.0.0.125 2008.03.18 Trojan.Win32.Agent.hqy
McAfee 5254 2008.03.18 -
Microsoft 1.3301 2008.03.18 Virus:Win32/Grum.G
NOD32v2 2957 2008.03.18 -
Norman 5.80.02 2008.03.18 -
Panda 9.0.0.4 2008.03.17 -
Prevx1 V2 2008.03.18 Generic.Malware
Rising 20.36.12.00 2008.03.18 -
Sophos 4.27.0 2008.03.18 Mal/Generic-A
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.18 -
TheHacker 6.2.92.248 2008.03.17 Trojan/Agent.hqy
VBA32 3.12.6.3 2008.03.17 Trojan.Win32.Agent.hqy
VirusBuster 4.3.26:9 2008.03.18 -
Webwasher-Gateway 6.6.2 2008.03.18 Trojan.Agent.hqy
Additional information
File size: 85201 bytes
MD5: 84f702e646f156dfa72693969854a2e6
SHA1: c701003ad2f6be1ff82520a0f76454389c50d96f
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...E96C0034848D54

**ialnik** · 19.03.2008, 21:38

Файл a3g3.bat-1 получен 2008.03.14 21:10:07 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.15.0 2008.03.14 Win-Trojan/MalPacked.Gen
AntiVir 7.6.0.73 2008.03.14 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.03.14 -
Avast 4.7.1098.0 2008.03.13 -
AVG 7.5.0.516 2008.03.14 PSW.OnlineGames.AGWA
BitDefender 7.2 2008.03.14 Packer.Malware.NSAnti.R
CAT-QuickHeal 9.50 2008.03.14 Win32.Packed.NSAnti.r
ClamAV 0.92.1 2008.03.14 -
DrWeb 4.44.0.09170 2008.03.14 Trojan.MulDrop.6474
eSafe 7.0.15.0 2008.03.09 Win32.OnLineGames.te
eTrust-Vet 31.3.5614 2008.03.14 -
Ewido 4.0 2008.03.14 -
FileAdvisor 1 2008.03.14 -
Fortinet 3.14.0.0 2008.03.14 LegMir.K!tr.pws
F-Prot 4.4.2.54 2008.03.13 -
F-Secure 6.70.13260.0 2008.03.14 Trojan-PSW.Win32.OnLineGames.teh
Ikarus T3.1.1.20 2008.03.14 Packer.Malware.NSAnti.R
Kaspersky 7.0.0.125 2008.03.14 Trojan-PSW.Win32.OnLineGames.teh
McAfee 5252 2008.03.14 PWS-LegMir.gen.k
Microsoft 1.3301 2008.03.14 VirTool:Win32/Obfuscator.T
NOD32v2 2948 2008.03.14 Win32/PSW.OnLineGames.NLI
Norman 5.80.02 2008.03.14 W32/NSAnti.GWN
Panda 9.0.0.4 2008.03.13 W32/Autorun.LD.worm
Prevx1 V2 2008.03.14 KAVKOP:Trojan-A
Rising 20.35.42.00 2008.03.14 Packer.Win32.Mian007.a
Sophos 4.27.0 2008.03.14 Mal/Behav-164
Sunbelt 3.0.963.0 2008.03.14 -
Symantec 10 2008.03.14 W32.Gammima.AG
TheHacker 6.2.92.245 2008.03.14 Trojan/OnlineGames.gen
VBA32 3.12.6.2 2008.03.13 Trojan-PSW.Win32.OnLineGames.teh
VirusBuster 4.3.26:9 2008.03.14 Trojan.Lineage.Gen!Pac.3
Webwasher-Gateway 6.6.2 2008.03.14 Trojan.Crypt.XPACK.Gen

Дополнительная информация
Tamano archivo: 107849 bytes
MD5: 023098022530c4fa3d7a96204e24b9ac
SHA1: 6b8af2c1dc60b06bdaaa48adc4e505595532311e
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...A3A7005BAE302E

**yu_mor** · 20.03.2008, 16:27

Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.20.2 2008.03.20 -
AntiVir 7.6.0.75 2008.03.20 -
Authentium 4.93.8 2008.03.20 -
Avast 4.7.1098.0 2008.03.20 -
AVG 7.5.0.516 2008.03.20 -
BitDefender 7.2 2008.03.20 -
CAT-QuickHeal 9.50 2008.03.20 -
ClamAV 0.92.1 2008.03.20 Trojan.Downloader-24586
DrWeb 4.44.0.09170 2008.03.20 Trojan.Packed.140
eSafe 7.0.15.0 2008.03.18 Suspicious File
eTrust-Vet 31.3.5629 2008.03.20 -
Ewido 4.0 2008.03.20 -
F-Prot 4.4.2.54 2008.03.19 -
F-Secure 6.70.13260.0 2008.03.20 Suspicious:W32/Malware!Gemini
FileAdvisor 1 2008.03.20 -
Fortinet 3.14.0.0 2008.03.20 -
Ikarus T3.1.1.20 2008.03.20 -
Kaspersky 7.0.0.125 2008.03.20 -
McAfee 5255 2008.03.20 -
Microsoft 1.3301 2008.03.20 -
NOD32v2 2963 2008.03.20 -
Norman 5.80.02 2008.03.20 -
Panda 9.0.0.4 2008.03.20 Suspicious file
Prevx1 V2 2008.03.20 Prevx Database Unreachable
Rising 20.36.32.00 2008.03.20 -
Sophos 4.27.0 2008.03.20 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.20 -
TheHacker 6.2.92.250 2008.03.19 -
VBA32 3.12.6.3 2008.03.17 -
VirusBuster 4.3.26:9 2008.03.19 -
Webwasher-Gateway 6.6.2 2008.03.20 Win32.Malware.gen (suspicious)
Дополнительная информация
File size: 34210 bytes
MD5: ee046d391d121f4759c0742fe7f6a521
SHA1: 05d063e02f25c6c681d86f5ebf634e74b85ddfe1
PEiD: -
packers: PE_Patch

**Numb** · 21.03.2008, 17:35

Из темы http://virusinfo.info/showthread.php?t=20241
оригинальное имя - %userprofile%\Local Settings\Temp\sv32_4.exe

Код:

Файл avz00001.dta получен 2008.03.21 15:16:46 (CET)

Антивирус	Версия	Обновление	Результат
AhnLab-V3	2008.3.20.2	2008.03.21	Win-Trojan/Agent.506952
AntiVir	7.6.0.75	2008.03.20	TR/Dldr.Logsnif.1
Authentium	4.93.8	2008.03.20	-
Avast	4.7.1098.0	2008.03.21	Win32:BZub-KY
AVG	7.5.0.516	2008.03.21	-
BitDefender	7.2	2008.03.21	-
CAT-QuickHeal	9.50	2008.03.20	TrojanProxy.Small.it
ClamAV	0.92.1	2008.03.21	PUA.Packed.UPack-2
DrWeb	4.44.0.09170	2008.03.21	-
eSafe	7.0.15.0	2008.03.18	Suspicious File
eTrust-Vet	31.3.5631	2008.03.21	-
Ewido	4.0	2008.03.21	-
F-Prot	4.4.2.54	2008.03.20	W32/Heuristic-162!Eldorado
F-Secure	6.70.13260.0	2008.03.21	Suspicious:W32/Malware!Gemini
FileAdvisor	1	2008.03.21	-
Fortinet	3.14.0.0	2008.03.21	-
Ikarus	T3.1.1.20	2008.03.21	MalwareScope.Trojan-Spy.BZub.2
Kaspersky	7.0.0.125	2008.03.21	-
McAfee	5256	2008.03.20	Proxy-Agent.ai
Microsoft	1.3301	2008.03.21	Trojan:Win32/Dopip.A
NOD32v2	2966	2008.03.21	-
Norman	5.80.02	2008.03.20	W32/Suspicious_U.gen
Panda	9.0.0.4	2008.03.20	-
Prevx1	V2	2008.03.21	-
Rising	20.36.42.00	2008.03.21	-
Sophos	4.27.0	2008.03.21	Mal/Packer
Sunbelt	3.0.978.0	2008.03.18	VIPRE.Suspicious
Symantec	10	2008.03.21	-
TheHacker	6.2.92.250	2008.03.19	W32/Behav-Heuristic-060
VBA32	3.12.6.3	2008.03.21	MalwareScope.Trojan-Spy.BZub.2
VirusBuster	4.3.26:9	2008.03.20	Packed/Upack
Webwasher-Gateway	6.6.2	2008.03.21	Trojan.Dldr.Logsnif.1
Дополнительная информация
File size: 509728 bytes
MD5: 07f51b0f791844c530e34587c24810ac
SHA1: a815cd0859ed4a3e49988dfc9b41d6e650a016ae
PEiD: -
packers: UPack
packers: PE_Patch, UPack

**ISO** · 22.03.2008, 19:15

Очередной "патч" icq.
File Patch_1.0.34.2.exe received on 03.22.2008 17:01:22 (CET)
Current status: finished
Result: 8/32 (25%)
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 2008.3.22.1 2008.03.21 -
AntiVir 7.6.0.75 2008.03.21 HEUR/Crypted
Authentium 4.93.8 2008.03.22 -
Avast 4.7.1098.0 2008.03.22 -
AVG 7.5.0.516 2008.03.21 -
BitDefender 7.2 2008.03.22 Trojan.PWS.Agent.SBY
CAT-QuickHeal 9.50 2008.03.21 -
ClamAV None 2008.03.22 -
DrWeb 4.44.0.09170 2008.03.22 Trojan.PWS.LDPinch.1941
eSafe 7.0.15.0 2008.03.18 -
eTrust-Vet 31.3.5633 2008.03.21 -
Ewido 4.0 2008.03.22 -
F-Prot 4.4.2.54 2008.03.22 -
F-Secure 6.70.13260.0 2008.03.21 Suspicious:W32/Malware!Gemini
FileAdvisor 1 2008.03.22 -
Fortinet 3.14.0.0 2008.03.21 -
Ikarus T3.1.1.20 2008.03.22 -
Kaspersky 7.0.0.125 2008.03.22 Trojan-PSW.Win32.LdPinch.ghw
McAfee 5257 2008.03.21 -
Microsoft 1.3301 2008.03.22 -
NOD32v2 2967 2008.03.21 -
Norman 5.80.02 2008.03.20 -
Panda 9.0.0.4 2008.03.22 -
Prevx1 V2 2008.03.22 Heuristic: Suspicious Self Modifying File
Rising 20.36.42.00 2008.03.21 -
Sophos 4.27.0 2008.03.22 Mal/Basine-C
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.22 -
TheHacker 6.2.92.250 2008.03.19 -
VBA32 3.12.6.3 2008.03.21 -
VirusBuster 4.3.26:9 2008.03.21 -
Webwasher-Gateway 6.6.2 2008.03.22 Heuristic.Crypted
Additional information
File size: 53248 bytes
MD5: 2b6e216358d18d8f6d1656624375ecc9
SHA1: 4afaf0a4ddbe1547714c61afdc2d7b75b3f83259
PEiD: -
Prevx info: http://info.prevx.com/aboutprogramte...B18800A04CE3B1

**Kuzz** · 23.03.2008, 18:48

Код:

Антивирус 	Версия 	Обновление 	Результат
AhnLab-V3 	2008.3.22.1 	2008.03.21 	-
AntiVir 	7.6.0.75 	2008.03.22 	-
Authentium 	4.93.8 	2008.03.22 	-
Avast 	4.7.1098.0 	2008.03.22 	-
AVG 	7.5.0.516 	2008.03.22 	-
BitDefender 	7.2 	2008.03.22 	-
CAT-QuickHeal 	9.50 	2008.03.21 	-
ClamAV 	0.92.1 	2008.03.22 	-
DrWeb 	4.44.0.09170 	2008.03.22 	-
eSafe 	7.0.15.0 	2008.03.18 	-
eTrust-Vet 	31.3.5633 	2008.03.21 	-
Ewido 	4.0 	2008.03.22 	-
FileAdvisor 	1 	2008.03.22 	-
Fortinet 	3.14.0.0 	2008.03.22 	-
F-Prot 	4.4.2.54 	2008.03.22 	-
F-Secure 	6.70.13260.0 	2008.03.21 	-
Ikarus 	T3.1.1.20 	2008.03.22 	-
Kaspersky 	7.0.0.125 	2008.03.22 	-
McAfee 	5257 	2008.03.21 	-
Microsoft 	1.3301 	2008.03.22 	-
NOD32v2 	2967 	2008.03.21 	-
Norman 	5.80.02 	2008.03.20 	-
Panda 	9.0.0.4 	2008.03.22 	-
Prevx1 	V2 	2008.03.22 	-
Rising 	20.36.60.00 	2008.03.22 	-
Sophos 	4.27.0 	2008.03.22 	Mal/VB-F
Sunbelt 	3.0.978.0 	2008.03.18 	-
Symantec 	10 	2008.03.22 	-
TheHacker 	6.2.92.252 	2008.03.22 	-
VBA32 	3.12.6.3 	2008.03.21 	-
VirusBuster 	4.3.26:9 	2008.03.22 	-
Webwasher-Gateway 	6.6.2 	2008.03.22 	-

Дополнительная информация
File size: 86016 bytes
MD5: 5f6f25ea590825bebf0c8ef36a5667c7
SHA1: 584e17e56f917419fd6524b07f64ea3be3b00baf
PEiD: -

ЗЫ. 22.03.2008 (в тот-же день) мне ответили:
Kaspersky 7.0.0.125 2008.03.23 Trojan.Win32.VB.cjs

**drongo** · 23.03.2008, 19:09

T=20311

Код:

Файл avz00002.dta получен 2008.03.23 16:46:46 (CET)
Антивирус	Версия	Обновление	Результат
AhnLab-V3	2008.3.22.1	2008.03.21	-
AntiVir	7.6.0.75	2008.03.22	TR/Dldr.Swizzor.Gen
Authentium	4.93.8	2008.03.22	Possibly a new variant of W32/Swizzor-based!Maximus
Avast	4.7.1098.0	2008.03.23	-
AVG	7.5.0.516	2008.03.22	Downloader.Swizzor
BitDefender	7.2	2008.03.23	-
CAT-QuickHeal	9.50	2008.03.21	-
ClamAV	0.92.1	2008.03.23	-
DrWeb	4.44.0.09170	2008.03.23	-
eSafe	7.0.15.0	2008.03.18	-
eTrust-Vet	31.3.5633	2008.03.21	-
Ewido	4.0	2008.03.23	-
F-Prot	4.4.2.54	2008.03.22	W32/Swizzor-based!Maximus
F-Secure	6.70.13260.0	2008.03.21	-
FileAdvisor	1	2008.03.23	-
Fortinet	3.14.0.0	2008.03.23	-
Ikarus	T3.1.1.20	2008.03.23	-
Kaspersky	7.0.0.125	2008.03.23	-
McAfee	5257	2008.03.21	-
Microsoft	1.3301	2008.03.23	-
NOD32v2	2967	2008.03.21	-
Norman	5.80.02	2008.03.20	-
Panda	9.0.0.4	2008.03.23	Suspicious file
Prevx1	V2	2008.03.23	-
Rising	20.36.62.00	2008.03.23	-
Sophos	4.27.0	2008.03.23	Mal/Swizzor-C
Sunbelt	3.0.978.0	2008.03.18	-
Symantec	10	2008.03.23	-
TheHacker	6.2.92.252	2008.03.22	-
VBA32	3.12.6.3	2008.03.21	-
VirusBuster	4.3.26:9	2008.03.22	-
Webwasher-Gateway	6.6.2	2008.03.23	Trojan.Dldr.Swizzor.Gen
Дополнительная информация
File size: 249344 bytes
MD5: 1fbc511d0e0fca1f6202b0d6052965d2
SHA1: 5902b9921ad2698d3e8ea4f11a71072e8df43f39
PEiD: Armadillo v1.71

**Kuzz** · 27.03.2008, 19:42

Код:

Антивирус  	Версия  	Обновление  	Результат
AhnLab-V3	2008.3.26.0	2008.03.27	-
AntiVir	7.6.0.75	2008.03.27	-
Authentium	4.93.8	2008.03.27	-
Avast	4.7.1098.0	2008.03.27	-
AVG	7.5.0.516	2008.03.27	Downloader.Zlob.12.P
BitDefender	7.2	2008.03.27	-
CAT-QuickHeal	9.50	2008.03.26	-
ClamAV	0.92.1	2008.03.27	Trojan.Dropper-2529
DrWeb	4.44.0.09170	2008.03.27	-
eSafe	7.0.15.0	2008.03.18	-
eTrust-Vet	31.3.5648	2008.03.27	-
Ewido	4.0	2008.03.27	-
F-Prot	4.4.2.54	2008.03.27	-
F-Secure	6.70.13260.0	2008.03.27	-
FileAdvisor	1	2008.03.27	-
Fortinet	3.14.0.0	2008.03.27	-
Ikarus	T3.1.1.20	2008.03.27	-
Kaspersky	7.0.0.125	2008.03.27	-
McAfee	5260	2008.03.26	-
Microsoft	1.3301	2008.03.27	-
NOD32v2	2978	2008.03.27	Win32/TrojanDownloader.Zlob.BSK
Norman	5.80.02	2008.03.26	-
Panda	9.0.0.4	2008.03.26	-
Prevx1	V2	2008.03.27	-
Rising	20.37.32.00	2008.03.27	-
Sophos	4.27.0	2008.03.27	-
Sunbelt	3.0.978.0	2008.03.18	-
Symantec	10	2008.03.27	-
TheHacker	6.2.92.256	2008.03.27	-
VBA32	3.12.6.3	2008.03.25	suspected of Downloader.Zlob.3
VirusBuster	4.3.26:9	2008.03.27	-
Webwasher-Gateway	6.6.2	2008.03.27	-
Дополнительная информация
File size: 79105 bytes
MD5: 1be640dd5ef61c26011f1cfe70789ad0
SHA1: cc5df9085fae1b4b7a6513043accdbe85bc783d7
PEiD: -

Код:

Антивирус  	Версия  	Обновление  	Результат
AhnLab-V3	2008.3.26.0	2008.03.27	-
AntiVir	7.6.0.75	2008.03.27	DR/Delphi.Gen
Authentium	4.93.8	2008.03.27	W32/Dropper.LAZ
Avast	4.7.1098.0	2008.03.27	-
AVG	7.5.0.516	2008.03.27	Dropper.Delf.5.AN
BitDefender	7.2	2008.03.27	Trojan.Delf.Inject.H
CAT-QuickHeal	9.50	2008.03.26	-
ClamAV	0.92.1	2008.03.27	-
DrWeb	4.44.0.09170	2008.03.27	-
eSafe	7.0.15.0	2008.03.18	-
eTrust-Vet	31.3.5648	2008.03.27	-
Ewido	4.0	2008.03.27	-
F-Prot	4.4.2.54	2008.03.27	W32/Trojan2.AFNQ
F-Secure	6.70.13260.0	2008.03.27	Smalldrp.gen4
FileAdvisor	1	2008.03.27	-
Fortinet	3.14.0.0	2008.03.27	Dropper.AV!tr
Ikarus	T3.1.1.20	2008.03.27	Virus.Win32.Zapchast.DA
Kaspersky	7.0.0.125	2008.03.27	Trojan-Downloader.Win32.Injecter.kc
McAfee	5260	2008.03.26	Generic Dropper.av
Microsoft	1.3301	2008.03.27	-
NOD32v2	2978	2008.03.27	Win32/TrojanDownloader.Small.OAY
Norman	5.80.02	2008.03.26	Smalldrp.gen4
Panda	9.0.0.4	2008.03.26	-
Prevx1	V2	2008.03.27	-
Rising	20.37.32.00	2008.03.27	Trojan.DL.Win32.Agent.bxw
Sophos	4.27.0	2008.03.27	Mal/Dropper-T
Sunbelt	3.0.978.0	2008.03.18	-
Symantec	10	2008.03.27	-
TheHacker	6.2.92.256	2008.03.27	-
VBA32	3.12.6.3	2008.03.25	-
VirusBuster	4.3.26:9	2008.03.27	-
Webwasher-Gateway	6.6.2	2008.03.27	Trojan.Dropper.Delphi.Gen
Дополнительная информация
File size: 24064 bytes
MD5: 252d25ff311d0f45c3d07ab16d4516bc
SHA1: f75556e3e74ed49927dcd58d97c4791a3b302220
PEiD: -

**Karlson** · 27.03.2008, 20:02

Файл sv32_1.exe получен 2008.03.27 15:49:55 (CET)
Текущий статус: закончено

Результат: 6/32 (18.75%)

Код:

АнтивирусВерсияОбновлениеРезультат
AhnLab-V32008.3.26.02008.03.27-
AntiVir7.6.0.752008.03.27TR/Drop.Agent.kla
Authentium4.93.82008.03.27-
Avast4.7.1098.02008.03.26-
AVG7.5.0.5162008.03.27SHeur.AWTZ
BitDefender7.22008.03.27-
CAT-QuickHeal9.502008.03.26(Suspicious) - DNAScan
ClamAV0.92.12008.03.27-
DrWeb4.44.0.091702008.03.27-
eSafe7.0.15.02008.03.18Suspicious File
eTrust-Vet31.3.56482008.03.27-
Ewido4.02008.03.27-
F-Prot4.4.2.542008.03.27-
F-Secure6.70.13260.02008.03.27-
FileAdvisor12008.03.27-
Fortinet3.14.0.02008.03.27-
IkarusT3.1.1.202008.03.27-
Kaspersky7.0.0.1252008.03.27-
McAfee52602008.03.26-
Microsoft1.33012008.03.27-
NOD32v229782008.03.27-
Norman5.80.022008.03.26-
Panda9.0.0.42008.03.26-
Prevx1V22008.03.27-
Rising20.37.32.002008.03.27-
Sophos4.27.02008.03.27Mal/EncPk-CK
Sunbelt3.0.978.02008.03.18-
Symantec102008.03.27-
TheHacker6.2.92.2562008.03.27-
VBA323.12.6.32008.03.25-
VirusBuster4.3.26:92008.03.26-
Webwasher-Gateway6.6.22008.03.27Trojan.Drop.Agent.kla

Дополнительная информация

File size: 147456 bytes
MD5: c0893091514363d0fb03550eb2931ff8
SHA1: 5a3ed6420489687b8d65e3c27336bd34f76cb7f7
PEiD: -

**Биомеханик** · 27.03.2008, 22:06

AhnLab-V3 2008.3.26.0 2008.03.27 -
AntiVir 7.6.0.75 2008.03.27 PCK/UPACK
Authentium 4.93.8 2008.03.27 -
Avast 4.7.1098.0 2008.03.27 -
AVG 7.5.0.516 2008.03.27 -
BitDefender 7.2 2008.03.27 MemScan:Trojan.PWS.LDPinch.TJR
CAT-QuickHeal 9.50 2008.03.26 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.03.27 PUA.Packed.UPack-2
DrWeb 4.44.0.09170 2008.03.27 -
eSafe 7.0.15.0 2008.03.18 Suspicious File
eTrust-Vet 31.3.5648 2008.03.27 -
Ewido 4.0 2008.03.27 -
FileAdvisor 1 2008.03.27 -
Fortinet 3.14.0.0 2008.03.27 -
F-Prot 4.4.2.54 2008.03.27 W32/Heuristic-162!Eldorado
F-Secure 6.70.13260.0 2008.03.27 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.03.27 -
Kaspersky 7.0.0.125 2008.03.27 -
McAfee 5261 2008.03.27 New Malware.aj
Microsoft 1.3301 2008.03.27 Trojan:Win32/Alureon.gen!H
NOD32v2 2979 2008.03.27 -
Norman 5.80.02 2008.03.26 W32/Suspicious_U.gen
Panda 9.0.0.4 2008.03.26 Suspicious file
Prevx1 V2 2008.03.27 -
Rising 20.37.32.00 2008.03.27 -
Sophos 4.27.0 2008.03.27 Mal/Packer
Sunbelt 3.0.978.0 2008.03.18 VIPRE.Suspicious
Symantec 10 2008.03.27 -
TheHacker 6.2.92.256 2008.03.27 W32/Behav-Heuristic-060
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.03.27 Packed/Upack
Webwasher-Gateway 6.6.2 2008.03.27 Packer.UPACK
Additional information
File size: 100000 bytes
MD5: cd7b6d2574dbca18c7b383c820dcf947
SHA1: 1df2ebc3b70660f1ef531f1883d6582c38ad6798
PEiD: Upack V0.37 -> Dwing
packers: UPack
packers: PE_Patch, UPack

Antivirus Version Last Update Result
AhnLab-V3 2008.3.26.0 2008.03.27 -
AntiVir 7.6.0.75 2008.03.27 -
Authentium 4.93.8 2008.03.27 -
Avast 4.7.1098.0 2008.03.27 Win32:Vasor
AVG 7.5.0.516 2008.03.27 Worm/Vasor
BitDefender 7.2 2008.03.27 Win32.Worm.Vasor.C
CAT-QuickHeal 9.50 2008.03.26 -
ClamAV 0.92.1 2008.03.27 W32.Vasor
DrWeb 4.44.0.09170 2008.03.27 Win32.Jakky
eSafe 7.0.15.0 2008.03.18 -
eTrust-Vet 31.3.5648 2008.03.27 -
Ewido 4.0 2008.03.27 -
F-Prot 4.4.2.54 2008.03.27 -
F-Secure 6.70.13260.0 2008.03.27 -
FileAdvisor 1 2008.03.27 -
Fortinet 3.14.0.0 2008.03.27 -
Ikarus T3.1.1.20 2008.03.27 -
Kaspersky 7.0.0.125 2008.03.27 -
McAfee 5261 2008.03.27 -
Microsoft 1.3301 2008.03.27 -
NOD32v2 2979 2008.03.27 -
Norman 5.80.02 2008.03.26 -
Panda 9.0.0.4 2008.03.26 -
Prevx1 V2 2008.03.27 -
Rising 20.37.32.00 2008.03.27 -
Sophos 4.27.0 2008.03.27 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.27 -
TheHacker 6.2.92.256 2008.03.27 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.03.27 -
Webwasher-Gateway 6.6.2 2008.03.27 -

**Shu_b** · 31.03.2008, 12:39

Подобьём март.

**Surfer** · 31.03.2008, 17:10

File video.exe received on 03.31.2008 14:55:32 (CET)

Result: 13/31 (41.94%)

AhnLab-V3 2008.3.29.0 2008.03.31 Win-Trojan/Downloader.62976.L
AntiVir 7.6.0.78 2008.03.31 -
Authentium 4.93.8 2008.03.30 -
Avast 4.7.1098.0 2008.03.30 -
AVG 7.5.0.516 2008.03.31 Agent.RLT
BitDefender 7.2 2008.03.31 Trojan.Downloader.JJSB
CAT-QuickHeal 9.50 2008.03.28 -
ClamAV 0.92.1 2008.03.31 Trojan.Downloader-27278
DrWeb 4.44.0.09170 2008.03.31 Trojan.DownLoader.50204
eSafe 7.0.15.0 2008.03.30 Suspicious File
eTrust-Vet 31.3.5658 2008.03.31 Win32/Collet.Z
Ewido 4.0 2008.03.31 -
F-Prot 4.4.2.54 2008.03.30 -
F-Secure 6.70.13260.0 2008.03.31 Suspicious:W32/Malware!Gemini
FileAdvisor 1 2008.03.31 -
Fortinet 3.14.0.0 2008.03.31 W32/PolyZlob!tr.dldr
Ikarus T3.1.1.20 2008.03.31 -
Kaspersky 7.0.0.125 2008.03.31 -
McAfee 5262 2008.03.28 -
Microsoft 1.3301 2008.03.31 TrojanDownloader:Win32/Cbeplay.B
NOD32v2 2986 2008.03.31 Win32/Agent.ETH
Norman 5.80.02 2008.03.28 -
Panda 9.0.0.4 2008.03.31 -
Rising 20.38.01.00 2008.03.31 -
Sophos 4.28.0 2008.03.31 Troj/Tibs-UE
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.31 -
TheHacker 6.2.92.259 2008.03.30 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.03.31 Trojan.DL.Zlob.Gen!Pac.46
Webwasher-Gateway 6.6.2 2008.03.31 -

http://www.virustotal.com/analisis/6...9ebc803dbad254

Опять кто-то выпал, не могу понять кто =)

**Shu_b** · 03.04.2008, 09:07

Добавляю график по итогам первого квартала года:

**maXmo** · 03.04.2008, 12:28

воевал сегодня вот с этим товарищем; свой файл лочит, зараза.
http://www.virustotal.com/analisis/c...f8a84703122a0b
File ntos.exe received on 04.03.2008 10:16:05 (CET)
Result: 7/32 (21.88%)

AhnLab-V3 2008.4.1.2 2008.04.03 -
AntiVir 7.6.0.80 2008.04.03 TR/Drop.Small.bgy
Authentium 4.93.8 2008.04.03 -
Avast 4.7.1098.0 2008.04.02 -
AVG 7.5.0.516 2008.04.02 Generic10.BUS
BitDefender 7.2 2008.04.03 -
CAT-QuickHeal 9.50 2008.04.02 -
ClamAV 0.92.1 2008.04.02 -
DrWeb 4.44.0.09170 2008.04.03 -
eSafe 7.0.15.0 2008.04.01 -
eTrust-Vet 31.3.5666 2008.04.02 -
Ewido 4.0 2008.04.02 -
F-Prot 4.4.2.54 2008.04.02 -
F-Secure 6.70.13260.0 2008.04.03 Suspicious:W32/Malware!Gemini
FileAdvisor 1 2008.04.03 -
Fortinet 3.14.0.0 2008.04.03 -
Ikarus T3.1.1.20 2008.04.03 Trojan-Spy.Win32.Zbot.aft
Kaspersky 7.0.0.125 2008.04.03 -
McAfee 5265 2008.04.02 -
Microsoft 1.3408 2008.04.03 -
NOD32v2 2996 2008.04.03 -
Norman 5.80.02 2008.04.02 W32/Smalltroj.CTZB
Panda 9.0.0.4 2008.04.02 Trj/Sinowal.ABN
Prevx1 V2 2008.04.03 -
Rising 20.38.22.00 2008.04.02 -
Sophos 4.28.0 2008.04.03 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.04.03 -
TheHacker 6.2.92.263 2008.04.03 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.04.02 -
Webwasher-Gateway 6.6.2 2008.04.03 Trojan.Drop.Small.bgy

Additional information
File size: 409600 bytes
MD5: bbf52692e3a8240db57dbf27f69d0672
SHA1: 7bf013472655edd22b4099f27394301e7a6b1667

**DoSTR** · 04.04.2008, 06:27

t=21000
C:\WINDOWS\system32\drivers\oreans32.sys
(Добавлено: ЛК сказала, ничего вредоносного не обнаружено, т.е. ложняк.
Dr.Web: Это был не вирус. Присланный Вами файл является драйвером упаковщика Themida)

Файл oreans32.sys получен 2008.04.04 04:09:23 (CET)

Антивирус Версия Обновление Результат
AhnLab-V3 2008.4.3.3 2008.04.03 -
AntiVir 7.6.0.80 2008.04.03 -
Authentium 4.93.8 2008.04.03 W32/Sdbot.AEFT
Avast 4.7.1098.0 2008.04.04 -
AVG 7.5.0.516 2008.04.04 -
BitDefender 7.2 2008.04.04 -
CAT-QuickHeal 9.50 2008.04.02 Rootkit.Agent.ad
ClamAV 0.92.1 2008.04.04 -
DrWeb 4.44.0.09170 2008.04.03 -
eSafe 7.0.15.0 2008.04.01 -
eTrust-Vet 31.3.5669 2008.04.03 -
Ewido 4.0 2008.04.03 -
F-Prot 4.4.2.54 2008.04.03 W32/Sdbot.AEFT
F-Secure 6.70.13260.0 2008.04.04 -
FileAdvisor 1 2008.04.04 -
Fortinet 3.14.0.0 2008.04.03 -
Ikarus T3.1.1.20 2008.04.04 -
Kaspersky 7.0.0.125 2008.04.04 -
McAfee 5266 2008.04.03 -
Microsoft 1.3408 2008.04.03 -
NOD32v2 3001 2008.04.04 -
Norman 5.80.02 2008.04.03 -
Panda 9.0.0.4 2008.04.04 -
Prevx1 V2 2008.04.04 -
Rising 20.38.60.00 2008.04.03 -
Sophos 4.28.0 2008.04.04 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.04.04 -
TheHacker 6.2.92.264 2008.04.04 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.04.03 -
Webwasher-Gateway 6.6.2 2008.04.03 -
Дополнительная информация
File size: 33952 bytes
MD5: aad837bf3b475092fd515cd0842334e9
SHA1: 2f845acac30e40d5aea3ccf8d02f5226089366a5
PEiD: -

Исследование антивирусов 6

Опции темы

Похожие темы

Исследование антивирусов 7

Исследование антивирусов 5

Исследование антивирусов 4

Исследование антивирусов 3

Исследование антивирусов 2

Ваши права в разделе