Исследование антивирусов 7

**valho** · 07.08.2009, 03:40

File 2b04b15c6dc0c9edef7465ed1bf017e1. received on 2009.08.06 23:27:21 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 13248 bytes
MD5...: ea0f2de6ce677356786b3a67cb2596a9
SHA1..: 9e6c4a136c0eb9baebb52e55503a333af899a456
SHA256: 95401cfba6b4c34d077d3b8d90ff651f3f7a2b76a09bd5b033 37f66654243379
ssdeep: 192:ojs8orZws8oZs8oXs8orL7qWdrkjXE/p4b0jxQ8Oe8DKpHpeMlbaKWoC2Z:o
jYuYZYXYruE/iAje8Oe8DoIszWoHZ
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

File ajfv8x0.gif received on 2009.08.06 23:27:33 (UTC)
Current status: finished
Result: 10/41 (24.4%)

a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.JS.Small!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 Trojan/JS.Agent
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 JS:Redirector-N
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 Trojan.Downloader.JS.Small.NBJ
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 Trojan-Downloader.JS.Agent.ehp
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 Trojan.Downloader.JS.Small.NBJ
Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.JS.Small
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 Trojan-Downloader.JS.Agent.ehp
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 -
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 Mal/JSRedir-A
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 JS_AGENT.AYCL
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 935 bytes
MD5...: d99614b0195a1e3491090d66ea6a6a20
SHA1..: 1224e11dfc4f88a71111605f1d2386df252bb8ee
SHA256: f3effcf48ba88e820ee32682a1fd346e8512b77977064561a8 4c0bb2c757e5cd
ssdeep: 24:xQdgdz/FsjtsbJYgIdrLujRRq62fmFn6RxNRQ5f:tt2tsbJudrLujRR0f en6b
Nmp
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

File allgood.html received on 2009.08.06 23:27:39 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 1881 bytes
MD5...: a4be19704907b0c1c733697eb0553016
SHA1..: d57376f8a1110ab96a6e903341a82fff9f00bc8c
SHA256: d72cc17350fe4c78b37dfeb02b30ea39a22e6a3e505429ccff 435fc6fc549d97
ssdeep: 24:Wug+5+VXnI2879tLyIlfFu+8MRFnGplUl81qJjPGDbHpWFn GplUl81qJjPGhy
9sH:Ng+5WT8/RJFGpWu0RuXQFGpWu0RuVgLi
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

File conf.php received on 2009.08.06 23:27:44 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.D
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 14305 bytes
MD5...: 139f99f9b013e39a0d58d073ffb138df
SHA1..: a3d140357b66fe49be8088b47dde917752dc7fed
SHA256: d1c1dfa510a42d745137e27641eb3558edfaf741f7a8f8434d b44c848d5c6b6d
ssdeep: 192://RIcQYaPAc4G8ycHmFHZjPg0H7QHYJHelEHDHMYcm0rexpHbgtT 9K911ZxF
AwOR:+xocf8yfDj4J5KvCns1PLjMmySWdOwFR
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Добавлено через 14 минут

File 12345 received on 2009.08.06 23:42:55 (UTC)
Current status: finished
Result: 7/41 (17.08%)

a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 HTML/Infected.WebPage.Gen
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 Trojan.JS.IFrame.ACM
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 JS.Agent.jy
eTrust-Vet 31.6.6662 2009.08.06 JS/Psyme!generic
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 Trojan.JS.IFrame.ACM
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.Script.Infected.WebPage
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 3576 bytes
MD5...: fd392a21cf8fa9ed0ebbd5a1780394ef
SHA1..: 7f1eda3a1d5e7ee511ec0d12583ce486eaf18cb9
SHA256: 29ad52546255df0264f9697470de50bdb81ee5d9b5f41e2f4b 93aef8009f15b5
ssdeep: 96:TsjE0GkRv1DMrA1B//Bu/tSJCmWVj7kI4:TPw4xma8
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

File 54321 received on 2009.08.06 23:43:02 (UTC)
Current status: finished
Result: 22/41 (53.66%)

a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.JS.Psyme!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 HTML:IFrame-BN
AVG 8.5.0.406 2009.08.06 HTML/Framer
BitDefender 7.2 2009.08.07 Trojan.JS.IFrame.ACM
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 Trojan.Click.21021
eSafe 7.0.17.0 2009.08.06 JS.Agent.jy
eTrust-Vet 31.6.6662 2009.08.06 JS/Psyme!generic
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 Trojan-Clicker.HTML.IFrame.ey
Fortinet 3.120.0.0 2009.08.06 JS/PackObfuscated.B
GData 19 2009.08.07 Trojan.JS.IFrame.ACM
Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.JS.Psyme
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 Trojan-Clicker.HTML.IFrame.ey
McAfee 5700 2009.08.06 JS/Downloader.gen
McAfee+Artemis 5700 2009.08.06 JS/Downloader.gen
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4903 2009.08.06 TrojanDownloader:JS/Psyme.gen
NOD32 4313 2009.08.06 HTML/TrojanClicker.Iframe.GT.gen
Norman 6.01.09 2009.08.06 JS/Psyme.AE
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 Downloader
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 4869 bytes
MD5...: 1d937f1928fd7baa18ed30945411c7d7
SHA1..: 63b27b4ecade032625c0dba3719e51d14c8258d7
SHA256: ec65f4c6875add70548464d1e15a1e4721617fd6ced4609cbe 21ffe581251082
ssdeep: 96:62XlGH9VXADsKtoBf1q3qSxTwo85QSBOpxoRvPArh5ItUV4 CPwUo9KjM28nG6
4Cs:9XlGdVw1tqf1q3qSxTw3OpxoRgrh5CCD
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

File test.html received on 2009.08.06 23:43:09 (UTC)
Current status: finished
Result: 2/41 (4.88%)

a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 JS/Dldr.Agent.njv
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 3138 bytes
MD5...: 9f67e572e494317269489ce607a4e064
SHA1..: befc2278ab801f562e14e0739834a07091571e9a
SHA256: 494f44e540afee905d4fb7721f9002e23c1984e2075fef8cfc 107f68a2775b5a
ssdeep: 48:09WdkX3R1sBqhMkSyNAdIcG6WF6WDyO3xyL3jBXItSnSlya 6L:4+O3/q1te6W
F6W+O3xyBXItSnSlya6L
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**Shu_b** · 07.08.2009, 16:00

File avz00006.dta received on 2009.08.07 11:04:57 (UTC)

Код:

Antivirus	Version	Last Update	Result
a-squared	4.5.0.24	2009.08.07	-
AhnLab-V3	5.0.0.2	2009.08.07	-
AntiVir	7.9.0.246	2009.08.07	-
Antiy-AVL	2.0.3.7	2009.08.07	-
Authentium	5.1.2.4	2009.08.07	-
Avast	4.8.1335.0	2009.08.06	-
AVG	8.5.0.406	2009.08.07	-
BitDefender	7.2	2009.08.07	-
CAT-QuickHeal	10.00	2009.08.07	-
ClamAV	0.94.1	2009.08.07	-
Comodo	1896	2009.08.07	-
DrWeb	5.0.0.12182	2009.08.07	-
eSafe	7.0.17.0	2009.08.06	-
eTrust-Vet	31.6.6662	2009.08.06	-
F-Prot	4.4.4.56	2009.08.07	-
F-Secure	8.0.14470.0	2009.08.07	-
Fortinet	3.120.0.0	2009.08.07	-
GData	19	2009.08.07	-
Ikarus	T3.1.1.64.0	2009.08.07	-
Jiangmin	11.0.800	2009.08.07	-
K7AntiVirus	7.10.812	2009.08.06	-
Kaspersky	7.0.0.125	2009.08.07	-
McAfee	5700	2009.08.06	-
McAfee+Artemis	5700	2009.08.06	-
McAfee-GW-Edition	6.8.5	2009.08.07	-
Microsoft	1.4903	2009.08.07	-
NOD32	4314	2009.08.07	a variant of Win32/LockScreen.AY
Norman	6.01.09	2009.08.07	-
nProtect	2009.1.8.0	2009.08.07	-
Panda	10.0.0.14	2009.08.06	-
PCTools	4.4.2.0	2009.08.06	-
Prevx	3.0	2009.08.07	-
Rising	21.41.43.00	2009.08.07	-
Sophos	4.44.0	2009.08.07	-
Sunbelt	3.2.1858.2	2009.08.07	-
Symantec	1.4.4.12	2009.08.07	-
TheHacker	6.3.4.3.377	2009.08.05	-
TrendMicro	8.950.0.1094	2009.08.07	-
VBA32	3.12.10.9	2009.08.07	-
ViRobot	2009.8.7.1873	2009.08.07	-
VirusBuster	4.6.5.0	2009.08.06	-

Additional information
File size: 406528 bytes
MD5   : 2a5e2bf462b0b00cb1700b3072b4d9ee

**valho** · 07.08.2009, 16:24

File n_1_.pdf received on 2009.08.07 12:05:50 (UTC)
Current status: finished
Result: 5/41 (12.2%)

a-squared 4.5.0.24 2009.08.07 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.06 JS:Packed-BV
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 JS.Obfuscated.Gen
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
GData 19 2009.08.07 JS.Obfuscated.Gen
Ikarus T3.1.1.64.0 2009.08.07 -
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 PDF/Exploit.Gen
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 Bloodhound.Exploit.213
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 16260 bytes
MD5...: 9d06e3dc3645d0ba8dee44717fd64e51
SHA1..: 13ccefd919c56a3b95b9b06e661ca7445ae03abc
SHA256: b48a0523f311a5916ab5df67d7a5d04d199ebc0b650daf4e4c 2c9fe654365045
ssdeep: 384:jDJz4ULMxLYwa/7SOe9Q9nDeKC+spv/vtzdp5Ls4KdyMQx/Q0r6ySWeG:jDp
/uA/7SNyiKOVtr0mp
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -
PDFiD.: PDF Header: %PDF-1.3
obj 6
endobj 6
stream 1
endstream 1
xref 1
trailer 1
startxref 1
/Page 1
/Encrypt 0
/ObjStm 0
/JS 1(1)
/JavaScript 1(1)
/AA 0
/OpenAction 1(1)
/AcroForm 0
/JBIG2Decode 0
/RichMedia 0
RDS...: NSRL Reference Data Set

File n_1_.htm received on 2009.08.07 12:13:29 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.08.07 Virus.JS.Packed.H!IK
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.06 JS:Packed-BV
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
GData 19 2009.08.07 JS:Packed-BV
Ikarus T3.1.1.64.0 2009.08.07 Virus.JS.Packed.H
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 6215 bytes
MD5...: f1132074ccdb2675e8dab3d7895e3c60
SHA1..: 8cb4f528bd92ca25a1a155f5e8fdbe405dec1483
SHA256: 3e4a5abd5c2f9be75c437d8e1dae491d7b47f278ff0e20d6f9 842fe13a81f37a
ssdeep: 192:FD+ADJwIt6c+E6eq1bTBcYxkQxw6Q6rWOGgnDyFNx:FWcJ 6eq1SMtBBD4x
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
Украли название каталогов на диске D:\
:(

Добавлено через 9 минут

File in_1_.htm received on 2009.08.07 12:27:06 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.08.07 Virus.HTML.Framer!IK
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.06 HTML:Framer-inf
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6665 2009.08.07 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
GData 19 2009.08.07 HTML:Framer-inf
Ikarus T3.1.1.64.0 2009.08.07 Virus.HTML.Framer
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 93 bytes
MD5...: 34997809a927cdd2cc6061582e4bfe23
SHA1..: 336df54878b4f3af5f1b9a04358be62a9679c30b
SHA256: b4e3bbcd31a96c663404122645ad3b2879c9527708099a80b6 ac0ab763aa50ab
ssdeep: 3:qVZLE5jFHUi9hXGLZCLJuWK+cRH7ZVWA90Nu:qzLE5x0i9Bq 89LdyjWAB
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

Добавлено через 3 минуты

File n_1_ received on 2009.08.07 12:30:59 (UTC)
Current status: finished
Result: 2/41 (4.88%)

a-squared 4.5.0.24 2009.08.07 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.06 JS:Packed-BV
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6665 2009.08.07 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
GData 19 2009.08.07 JS:Packed-BV
Ikarus T3.1.1.64.0 2009.08.07 -
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -

Additional information
File size: 12434 bytes
MD5...: b04b01b871be8643d6e1b7f2c75bda80
SHA1..: aaac83703200b68e4dfb70df834d6bd14c38314f
SHA256: 701320a039bd1ef1eaf7a7ff265d82678e099360fcefc5df09 c15dcd77cdc01b
ssdeep: 192:Jd60GqodVWSRRB/AgKEnybY2hRdVoWXMqbcYtPX24ZUFTc00IPTNArKtAZ:z
60no7RB7ybxqWBfzUSfAsr
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

**valho** · 08.08.2009, 15:35

File PivimMiniInstall.exe received on 2009.08.08 11:20:56 (UTC)
Current status: finished
Result: 2/41 (4.88%)

a-squared 4.5.0.24 2009.08.08 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.248 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.07 -
AVG 8.5.0.406 2009.08.08 -
BitDefender 7.2 2009.08.08 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1908 2009.08.08 -
DrWeb 5.0.0.12182 2009.08.08 -
eSafe 7.0.17.0 2009.08.06 Suspicious File
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.08 -
Fortinet 3.120.0.0 2009.08.08 -
GData 19 2009.08.08 -
Ikarus T3.1.1.64.0 2009.08.08 -
Jiangmin 11.0.800 2009.08.08 -
K7AntiVirus 7.10.813 2009.08.07 -
Kaspersky 7.0.0.125 2009.08.08 -
McAfee 5702 2009.08.08 -
McAfee+Artemis 5702 2009.08.08 Suspect-29!38FBAD70A661
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.08 -
NOD32 4316 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.08 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.08 -
Rising 21.41.52.00 2009.08.08 -
Sophos 4.44.0 2009.08.08 -
Sunbelt 3.2.1858.2 2009.08.08 -
Symantec 1.4.4.12 2009.08.08 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.07 -

Additional information
File size: 285696 bytes
MD5...: 38fbad70a6610a2555db2e4b1d2c34d5
SHA1..: ae9d919fe57d0588813c8a9252e4a4f93db3b7cd
SHA256: e5e189dcfc0e0f15b117ad30a702aa50b3d1cd8e8a229dbb19 7bdb9289081186
ssdeep: 6144:MsdFcFYy8XbFxrokvId2175zeeXrS4fEo:MpojvIdO5ze eXrSF
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xa6ff0
timedatestamp.....: 0x49c2133f (Thu Mar 19 09:41:19 2009)
machinetype.......: 0x14c (I386)

**valho** · 09.08.2009, 23:17

File casino.php received on 2009.08.09 18:54:41 (UTC)
Current status: finished
Result: 8/41 (19.52%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4319 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 29885 bytes
MD5...: 50283ac504205087e663d6024cda6df4
SHA1..: da8c3e7722d12978779954a9dc107acc2751e1be
SHA256: caa5980b1e0640cad0fc57774bee4501b5116a6a01bfb5abb0 318603a658a9fa
ssdeep: 384:rmHZmKqnZYHbajzX1iJwxoYJwxoYJwxoYJwxoYJwxoYJwx oYJwxoYJwxoiHr
HrHS:+v70MJwNJwNJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File 1.html received on 2009.08.09 18:59:28 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 -
AVG 8.5.0.406 2009.08.09 -
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 -
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.LooksLike.JS.Suspicious.A
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 1942 bytes
MD5...: 4e0e2219f32f202d4f6f1eb8a4ce9b11
SHA1..: 4a12305f5f3ac3545e771a03b64682386878e90f
SHA256: 31b32a91999b9b837711901630aa07a8a0214bd592b17f5f46 d0e777bc30962c
ssdeep: 48:RHYFyTFqohgiesr1uJpFyTFqohgiesr1uJ6:ZeycohgieYe ycohgieYj
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File conf.php received on 2009.08.09 18:59:40 (UTC)
Current status: finished
Result: 5/39 (12.83%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 HTML:IFrame-EZ
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 17836 bytes
MD5...: 9f614e7433e13297008c37ec09051f62
SHA1..: 315631097c8fbe500da2eebee546fec7c6686ca0
SHA256: df9bb5cd00f2de548d416ac68ee750a73d9d8ba0a00b00f34b 9b053d5d132d54
ssdeep: 384:+xocf8yfDj4J5KvCns1PLjMmySKHrHrHrHG/9:96EMKRmySb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File curl.php received on 2009.08.09 18:59:49 (UTC)
Current status: finished
Result: 8/39 (20.52%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 21797 bytes
MD5...: 9c1b1a22c8a692448359d1aff61bd266
SHA1..: 4b30f35ae51ea02901f060a585a09344d952a550
SHA256: 4cfcf9b7a1e4be09d92456401219dbd4a20f941bab84a4a6da 3c2673d6148bd6
ssdeep: 384:UV0+s0POFmg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJwx oiHrHrHrHG/9:U
a+XPVgelUrjQJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File ftp_check.php received on 2009.08.09 18:59:59 (UTC)
Current status: finished
Result: 5/41 (12.2%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 HTML:IFrame-EZ
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 28016 bytes
MD5...: 9eeda8948b52b6e48d8610ac41736d54
SHA1..: 12c1d0a3a4bb06153addc3012c807a5c9d71cba4
SHA256: 6d4f7ea888ddde90627fe9f0f44ccaf3464918dfd732d8acdd 19bfa91ad442a5
ssdeep: 768:96EM/MTXkafbXBKVB5Vws628VvxTFTeGP:ZGa7oVCs8Vv9YGP
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File googleanalyticsru.html received on 2009.08.09 19:00:02 (UTC)
Current status: finished
Result: 9/41 (21.96%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-FX
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 Troj/Iframe-CF
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 22133 bytes
MD5...: 3ebbac23c4b0d221a24375cd06f198c9
SHA1..: eaf7dfb84f3b9aecb44f74dd2c9a1756c8498d7c
SHA256: 25af917f917e2e2dcfc804c4eb66df727a59fade299005a2d0 aea903e33ac165
ssdeep: 384:MAFVrJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiH rHrHrHG/9:MA3J
wNJwNJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File hifili2.php received on 2009.08.09 19:00:07 (UTC)
Current status: finished
Result: 12/41 (29.27%)

a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 23714 bytes
MD5...: 5f3fed663b64b6e091531346bb2a7288
SHA1..: fd83a01ae3cb58aa641ac19d58a4aea35d58a9bf
SHA256: 30ab1d0506dd8709cc9e396f1f9eb8fe8a93e637a1d275b46e 07340fe7c473f4
ssdeep: 384:PSiO/Orp8oAzMmuOizOFmg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJ wxoYJ
wxoo:PSiO/Orp8oAzMmuOiz/gelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File htaccess.php received on 2009.08.09 19:00:12 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 -
AVG 8.5.0.406 2009.08.09 PHP/BackDoor.AB
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 -
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 -
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 83140 bytes
MD5...: 09ce93f06e2733c1d842f8a7c67c0d55
SHA1..: f3513a7fa2da02733f59898dd4e0795b3e477c9c
SHA256: dd7c327feab97b169c10179e24de0990264bc3755e9aad5505 2c4546b1c2d376
ssdeep: 1536:jQfl4ORQGmsPzCjvw9J6Ux+0PA6r4TRDVlpu9:jQfKWFm O+UxntEFBvu9
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File rinder1.php received on 2009.08.09 19:00:15 (UTC)
Current status: finished
Result: 12/41 (29.27%)

a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 23714 bytes
MD5...: 4a7e5314dbcee1200cf71c07292ab9a3
SHA1..: a5e2361fa137dcb495e1ceb8e86ba7c6dd497f51
SHA256: 4ee1c83d4a0487a71ecf1b18d9d3840a8292fcc9ee96b2d81b 94d38e302cbb4c
ssdeep: 384:sSiO/Orp8oAzMRuOizOFAg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJ wxoYJ
wxoo:sSiO/Orp8oAzMRuOizNgelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File under.html received on 2009.08.09 19:00:19 (UTC)
Current status: finished
Result: 8/41 (19.52%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.174722
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.174722
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 16462 bytes
MD5...: f18c2899ef00796700c25ff3b6f64edd
SHA1..: bf4e0d7fa04501cba06875d669c24a783abc48ea
SHA256: 6bf30cb1259cd717bf24d08547c1f57a9073450462bbc5c6a1 511359f7558e65
ssdeep: 192:ND4eCWIv1sNl5NwkpRigrjAsKQR9wQR9MU2AJPd8N1kUu8 N1kUpIieYj:Nce
CWIdsNl5ukD923AJFHrHG9
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File xxx.php received on 2009.08.09 19:00:22 (UTC)
Current status: finished
Result: 9/40 (22.5%)

a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 Troj/Iframe-CF
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 18745 bytes
MD5...: 8116498557c4fcbee23caf7a3ffecd2f
SHA1..: b20d6a102780bccfb73e6b9967aa88412fd53b18
SHA256: cf3eda1e00e4eba9145c3171c4cd290a19c859cbb771cd38e8 e2e57b8bd99dfa
ssdeep: 384:TsJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiHrHrHrHG/9:TsJwNJwNJwNJ
wNJwNJwNJww
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File zenis2e.php received on 2009.08.09 19:00:25 (UTC)
Current status: finished
Result: 12/40 (30%)

a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ
AVG 8.5.0.406 2009.08.09 HTML/Framer.CB
BitDefender 7.2 2009.08.09 Trojan.Script.126261
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 Trojan.JS-19
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 Trojan.Script.126261
Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -

Additional information
File size: 23714 bytes
MD5...: dcc13ba35e4ec2161d588a8dead05311
SHA1..: 179d0a5cc95104d6754f380cfc4a244b2dcde23b
SHA256: 77884187d53097f0e5c726dbb191aa3f9b92faf3b512d4213d eadbf199f06552
ssdeep: 384:SSiO/Orp8oAzMeuOizOFRg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJ wxoYJ
wxoo:SSiO/Orp8oAzMeuOizUgelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

**valho** · 10.08.2009, 23:43

Это не ложное срабатывание
File boxedrecipes received on 2009.08.10 19:34:23 (UTC)
Current status: finished
Result: 2/41 (4.88%)

a-squared 4.5.0.24 2009.08.10 -
AhnLab-V3 5.0.0.2 2009.08.10 -
AntiVir 7.9.0.248 2009.08.10 HEUR/HTML.Malware
Antiy-AVL 2.0.3.7 2009.08.10 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.10 -
BitDefender 7.2 2009.08.10 -
CAT-QuickHeal 10.00 2009.08.10 -
ClamAV 0.94.1 2009.08.10 -
Comodo 1935 2009.08.10 -
DrWeb 5.0.0.12182 2009.08.10 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6670 2009.08.10 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.10 -
Fortinet 3.120.0.0 2009.08.10 -
GData 19 2009.08.10 -
Ikarus T3.1.1.64.0 2009.08.10 -
Jiangmin 11.0.800 2009.08.10 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.10 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
McAfee-GW-Edition 6.8.5 2009.08.10 Heuristic.HTML.Malware
Microsoft 1.4903 2009.08.10 -
NOD32 4323 2009.08.10 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.10 -
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.10 -
Prevx 3.0 2009.08.10 -
Rising 21.42.04.00 2009.08.10 -
Sophos 4.44.0 2009.08.10 -
Sunbelt 3.2.1858.2 2009.08.10 -
Symantec 1.4.4.12 2009.08.10 -
TheHacker 6.3.4.3.379 2009.08.10 -
TrendMicro 8.950.0.1094 2009.08.10 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.10.1877 2009.08.10 -
VirusBuster 4.6.5.0 2009.08.10 -

Additional information
File size: 9527 bytes
MD5...: f956120e95bf42c42b30ff52ef82def9
SHA1..: 69f7ee5e68d74cb87a4e32dd0aabec25f228b9a4
SHA256: 203296b914bbe04ccf39084daae0d6e6e44722639e942f4521 bff73dccd5cf4c
ssdeep: 192:iLzV3Jpi3dSN01S0KdLnz0h5E15+fO/C+iRC+JdS1xGy2:iN3XiNonz9KfOK
9EodS1UV
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

**senyak** · 11.08.2009, 01:04

Файл VK.rar получен 2009.08.10 21:04:35 (UTC)
Текущий статус: закончено
Результат: 13/40 (32.5%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.10 Trojan.BAT.Agent!IK
AhnLab-V3 5.0.0.2 2009.08.10 -
AntiVir 7.9.0.248 2009.08.10 -
Antiy-AVL 2.0.3.7 2009.08.10 -
Authentium 5.1.2.4 2009.08.10 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.10 -
BitDefender 7.2 2009.08.10 -
CAT-QuickHeal 10.00 2009.08.10 -
ClamAV 0.94.1 2009.08.10 -
Comodo 1936 2009.08.10 -
DrWeb 5.0.0.12182 2009.08.10 Trojan.Hosts.52
eTrust-Vet 31.6.6670 2009.08.10 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.10 Trojan.BAT.Qhost.eu
Fortinet 3.120.0.0 2009.08.10 -
GData 19 2009.08.10 -
Ikarus T3.1.1.64.0 2009.08.10 Trojan.BAT.Agent
Jiangmin 11.0.800 2009.08.10 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.10 Trojan.BAT.Qhost.eu
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 Artemis!FBB7DC2128C3
McAfee-GW-Edition 6.8.5 2009.08.10 Heuristic.BehavesLike.Win32.ModifiedUPX.B!88
Microsoft 1.4903 2009.08.10 Trojan:Win32/Qhost.AY
NOD32 4323 2009.08.10 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.10 -
Panda 10.0.0.14 2009.08.10 Trj/CI.A
PCTools 4.4.2.0 2009.08.10 -
Prevx 3.0 2009.08.10 -
Rising 21.42.04.00 2009.08.10 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.10 Sus/Dropper-A
Sunbelt 3.2.1858.2 2009.08.10 -
Symantec 1.4.4.12 2009.08.10 -
TheHacker 6.3.4.3.379 2009.08.10 -
TrendMicro 8.950.0.1094 2009.08.10 PAK_Generic.001
VBA32 3.12.10.9 2009.08.10 Trojan-Dropper.Win32.B2E
ViRobot 2009.8.10.1877 2009.08.10 -
VirusBuster 4.6.5.0 2009.08.10 -

Дополнительная информация
File size: 17114 bytes
MD5...: a5ac97253bab1e3986992b68ade2d3bd
SHA1..: f670f88a6f47259145db659d8cc16dfeeedaebb0
SHA256: b45f71cd1ffa30bf4a7947433121cc2bfdcc54ee717aa0dfb6 85910423ba2ac4
ssdeep: 384:E0GzagWk8MiWhCiIi5C8zdoiStaHdgvLRZotKyxs4JizlU PJoG0sz:E0DgWk
8Mv8ydoil9gv9oKyHxxoFsz
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): UPX
packers (F-Prot): embedded, UPX_LZMA

http://www.virustotal.com/ru/analisi...ac4-1249938275

**ALEX(XX)** · 11.08.2009, 10:04

очередное пандо
Файл sdra64.exe получен 2009.08.11 06:08:31 (UTC)

Код:

Антивирус    Версия    Обновление    Результат
a-squared    4.5.0.24    2009.08.11    -
AhnLab-V3    5.0.0.2    2009.08.11    -
AntiVir    7.9.0.248    2009.08.10    TR/Dropper.Gen
Antiy-AVL    2.0.3.7    2009.08.11    -
Authentium    5.1.2.4    2009.08.11    -
Avast    4.8.1335.0    2009.08.10    -
AVG    8.5.0.406    2009.08.10    FakeAlert.LW
BitDefender    7.2    2009.08.11    -
CAT-QuickHeal    10.00    2009.08.11    -
ClamAV    0.94.1    2009.08.10    -
Comodo    1938    2009.08.11    -
DrWeb    5.0.0.12182    2009.08.11    -
eSafe    7.0.17.0    2009.08.10    -
eTrust-Vet    31.6.6670    2009.08.10    -
F-Prot    4.4.4.56    2009.08.10    -
F-Secure    8.0.14470.0    2009.08.10    -
Fortinet    3.120.0.0    2009.08.11    -
GData    19    2009.08.11    -
Ikarus    T3.1.1.64.0    2009.08.11    -
Jiangmin    11.0.800    2009.08.10    -
K7AntiVirus    7.10.815    2009.08.10    -
Kaspersky    7.0.0.125    2009.08.11    Trojan-Spy.Win32.Zbot.aacg
McAfee    5705    2009.08.10    -
McAfee+Artemis    5705    2009.08.10    -
McAfee-GW-Edition    6.8.5    2009.08.10    Trojan.Dropper.Gen
Microsoft    1.4903    2009.08.10    PWS:Win32/Zbot.PG
NOD32    4324    2009.08.11    -
Norman    6.01.09    2009.08.10    -
nProtect    2009.1.8.0    2009.08.11    -
Panda    10.0.0.14    2009.08.10    -
PCTools    4.4.2.0    2009.08.10    -
Prevx    3.0    2009.08.11    -
Rising    21.42.10.00    2009.08.11    Unknown Win32 Virus
Sophos    4.44.0    2009.08.11    Mal/BredoPk-B
Sunbelt    3.2.1858.2    2009.08.11    Trojan-Downloader.Win32.Bredolab.x (v)
Symantec    1.4.4.12    2009.08.11    -
TheHacker    6.3.4.3.380    2009.08.11    -
TrendMicro    8.950.0.1094    2009.08.11    -
VBA32    3.12.10.9    2009.08.10    -
ViRobot    2009.8.11.1878    2009.08.11    -
VirusBuster    4.6.5.0    2009.08.10    -

Дополнительная информация
File&nbsp;size: 458752 bytes
MD5&nbsp;&nbsp;&nbsp;: a0edc08552c1a53ac3d0932e102f80c4
SHA1&nbsp;&nbsp;: 0b16a02f43a472cd2d547b548a94f9c4e8ef0ac9
SHA256: ec84d000e490df3301f07a0176b281e0878187a0748da47f037309d9980ff143
PEInfo: PE Structure information<br>    <br>    ( base data )<br>    entrypointaddress.: 0x172D2<br>    timedatestamp.....: 0x487D2B3C (Wed Jul 16 00:57:00 2008)<br>    machinetype.......: 0x14C (Intel I386)<br>    <br>    ( 3 sections )<br>    name viradd virsiz rawdsiz ntrpy md5<br>    .text 0x1000 0x19000 0x18E00 5.94 d2ddd11b5a13ce478a1a2e7843aac8f2<br>.rdata 0x1A000 0x1000 0xE00 4.90 0d4d1e52b63a4b3025bb8d424c87cdf2<br>.rsrc 0x1B000 0x1000 0x400 2.71 654901af9774ee40de8b8f213a508432<br>    <br>    ( 2 imports )<br>    <br>&gt; kernel32.dll: VirtualProtect, GetVersionExA, GetModuleFileNameA, FreeLibrary, CreateThread, lstrcmpiW, DeleteCriticalSection, VirtualAlloc, InitializeCriticalSection, GetModuleHandleA, SetLastError, InterlockedExchange, InterlockedIncrement, CreateThread, QueryPerformanceCounter, LoadLibraryA, InitializeCriticalSection, CreateThread, VirtualProtect, DeleteCriticalSection, GetModuleFileNameA, InterlockedDecrement, VirtualProtect, Sleep, GetModuleHandleW, VirtualProtect, LoadLibraryW, CloseHandle, EnterCriticalSection, QueryPerformanceCounter, UnhandledExceptionFilter, GetCurrentThreadId, CreateThread, HeapFree, EnterCriticalSection, CreateFileW, HeapAlloc, CreateThread, MultiByteToWideChar, HeapAlloc, DeleteCriticalSection, GetLastError, GetCurrentThreadId, GetModuleHandleW, InterlockedIncrement, GetModuleHandleA, SetLastError, InterlockedExchange, UnhandledExceptionFilter, EnterCriticalSection, VirtualAlloc, VirtualProtect, GetTickCount, CreateEventW, HeapFree, lstrcmpiW, GetSystemTimeAsFileTime, SetLastError, GetSystemTimeAsFileTime, HeapFree, HeapFree, LoadLibraryA<br>&gt; user32.dll: CreateWindowExW, SendDlgItemMessageW, PostQuitMessage, LoadCursorW, DispatchMessageW, wsprintfA, EndDialog, SendDlgItemMessageW, ShowWindow, LoadIconW, GetWindowLongW, GetWindowLongW, GetClientRect, BeginPaint, LoadStringW, SetWindowLongW, LoadStringW, ReleaseDC, PostMessageW, IsWindow, EndPaint, SetTimer, CreateWindowExW, SetForegroundWindow, SendMessageW, SetWindowTextW, wsprintfA, LoadIconW, CreateWindowExW, SetWindowLongW, LoadIconW, GetFocus, LoadCursorW, ShowWindow, SetWindowPos, SetForegroundWindow, EndPaint, DispatchMessageW, GetParent, LoadStringW, DispatchMessageW, LoadCursorW, SendMessageW, EnableWindow, SetCursor, SetWindowPos, GetDesktopWindow, GetWindowLongW, SetWindowTextW, InvalidateRect, GetFocus, CharNextW, CreateWindowExW, DefWindowProcW, CharNextW, GetSysColor, GetFocus, DefWindowProcW, GetDC, SendDlgItemMessageW, CharNextW, CreateWindowExW, GetSystemMetrics, SendDlgItemMessageW, MessageBoxW, DestroyWindow, PostMessageW, TranslateMessage, SetForegroundWindow, PeekMessageW<br>    <br>    ( 0 exports )<br>    
TrID&nbsp;&nbsp;: File type identification<br>Win32 Executable Generic (42.3%)<br>Win32 Dynamic Link Library (generic) (37.6%)<br>Generic Win/DOS Executable (9.9%)<br>DOS Executable Generic (9.9%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 6144:HQUUvgSyiklE7v0jOyRhr9+r2Q+cfwWGb8ByDQ7NsOdPNleJd:HEEiT0jOyRhZmTlUDANsnJd
PEiD&nbsp;&nbsp;: -
RDS&nbsp;&nbsp;&nbsp;: NSRL Reference Data Set<br>-

**senyak** · 11.08.2009, 16:11

Это все было в моем сельсовете

Это все там и осталось

Файл avz00001.dta получен 2009.08.11 12:07:41 (UTC)
Текущий статус: закончено
Результат: 14/41 (34.15%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.0.248 2009.08.11 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 Trojan.FakeAv.OT
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 TrojWare.Win32.FraudTool.Agent.~IPX
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6672 2009.08.11 Win32/SystemSecurity!generic
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 Trojan.FakeAv.OT
Ikarus T3.1.1.64.0 2009.08.11 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 FakeAlert-CO
McAfee+Artemis 5705 2009.08.10 FakeAlert-CO
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.LooksLike.Trojan.Dropper.J
Microsoft 1.4903 2009.08.11 Trojan:Win32/Winwebsec
NOD32 4325 2009.08.11 -
Norman 6.01.09 2009.08.10 W32/FakeAV.E!genr
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.13.00 2009.08.11 Unknown Win32 Virus
Sophos 4.44.0 2009.08.11 Mal/FakeAV-AD
Sunbelt 3.2.1858.2 2009.08.11 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.08.11 Trojan.Fakeavalert
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 -

Дополнительная информация
File size: 708666 bytes
MD5...: e29f12b00cb94f48a507a8f41ee20391
SHA1..: cdcfb115b7dfb354368bb4e3948c9823ded07298
SHA256: f960a5f8b86fd357e0a44ae685bae08ae9d3ebd8a3f9bec560 4fcc81a7d3f146
ssdeep: 12288:shmExIsZ79wE7PUo/uP+isheAbp0S1e7ACuQH6ZbESJU98v7:NE2qSuplp
0S1et3GbzCw7
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...146-1249992461

Файл avz00002.dta получен 2009.08.11 12:07:33 (UTC)
Текущий статус: закончено
Результат: 23/41 (56.1%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.11 Gen.Win32!IK
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.0.248 2009.08.11 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 Win32:Sality
AVG 8.5.0.406 2009.08.11 Win32/Heur
BitDefender 7.2 2009.08.11 Gen:Win32.Sality.Dam
CAT-QuickHeal 10.00 2009.08.11 W32.Sality.R
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 modification of Win32.Sector.5
eSafe 7.0.17.0 2009.08.10 Suspicious File
eTrust-Vet 31.6.6672 2009.08.11 Win32/Sality.AA
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 W32/Sality.AA
GData 19 2009.08.11 Gen:Win32.Sality.Dam
Ikarus T3.1.1.64.0 2009.08.11 Gen.Win32
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 Virus.Win32.Sality.AA
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
McAfee-GW-Edition 6.8.5 2009.08.11 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4903 2009.08.11 Virus:Win32/Sality.gen
NOD32 4325 2009.08.11 a variant of Win32/Sality
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.10 W32/Sality.AK
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 Medium Risk Malware
Rising 21.42.13.00 2009.08.11 Win32.KUKU.GEN
Sophos 4.44.0 2009.08.11 W32/Sality-AM
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 Mal_Sality
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 Win32.Sality.K
VirusBuster 4.6.5.0 2009.08.10 Win32.Sality.AO.Gen

Дополнительная информация
File size: 110592 bytes
MD5...: 9c90148ade85235638250dbc2b94fa82
SHA1..: 56de25ebaab6d07dcffb56d77ea0b8e91f5396d2
SHA256: 9bd75793523ce079eeb854306c1689d4729ebb467b5f369f80 5828848a07315b
ssdeep: 3072:YrIz4tSbwoF1j5xC8CDz+DLM4zSxcnJiHdwCt0v2F1mtZ W:YrQwo1khDCDL
M4zfnU2M0eCrW
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...15b-1249992453

Файл avz.exe получен 2009.08.11 12:07:40 (UTC)
Текущий статус: закончено
Результат: 17/41 (41.47%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.11 Virus.Win32.Virut!IK
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.0.248 2009.08.11 W32/Virut.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 Win32:Vitro
AVG 8.5.0.406 2009.08.11 Win32/Virut
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 Suspicious File
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 Win32:Vitro
Ikarus T3.1.1.64.0 2009.08.11 Virus.Win32.Virut
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 New Malware.bj
McAfee+Artemis 5705 2009.08.10 New Malware.bj
McAfee-GW-Edition 6.8.5 2009.08.11 Win32.Virut.Gen
Microsoft 1.4903 2009.08.11 -
NOD32 4325 2009.08.11 Win32/Virut.NBP
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.10 W32/Sality.AO
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.13.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 Mal/HckPk-A
Sunbelt 3.2.1858.2 2009.08.11 Virus.Win32.Virut.ce (v)
Symantec 1.4.4.12 2009.08.11 W32.Virut.CF
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 PE_VIRUX.F
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 Win32.Virut.Y.Gen

Дополнительная информация
File size: 756736 bytes
MD5...: ac841553c785139c05f0c9729d1083e1
SHA1..: f83688de87f96ae4f243a64a238bf8e19b4cad3d
SHA256: 0030935072726e61d403a4d71c2da3e1400bd73691c267544d 67ebcfdca23e31
ssdeep: 12288:SiOpgP8Dom/fzLqUP9XoW7VypyI6L9QQp+nE16ZQmReJ7LBiXW9fB5N:SP
pg0ksfN9XH7kpQpMA6ZteJRio5N
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...e31-1249992460

Файл avz00012.dta получен 2009.08.11 12:12:37 (UTC)
Текущий статус: закончено
Результат: 8/41 (19.52%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.11 Trojan.Win32.Smardf!IK
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.0.248 2009.08.11 DR/Delphi.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 Trojan.Win32.Smardf
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.Win32.Dropper.B
Microsoft 1.4903 2009.08.11 Trojan:Win32/Delf.gen!C
NOD32 4325 2009.08.11 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 Trojan/W32.Smardf.124416.D
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 High Risk Fraudulent Security Program
Rising 21.42.13.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 Downloader
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 -

Дополнительная информация
File size: 124416 bytes
MD5...: 33508d9ebc8cf3c04dc2b310027f28a5
SHA1..: 6416dfb7bdf8588b2f3b1c58be098b345cc7a048
SHA256: faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6f f137c660144530
ssdeep: 1536:wIq+E53FXSNRPV+w8hcqLNhrgIvNSFC/6MIvcg9BkQmwTvaDTfNWtHiG7E9
6RXUg

aFCNRPV+wycOSFNmwTvaDUHFELS9xcC
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...530-1249992757

**valho** · 12.08.2009, 08:25

File ey.js received on 2009.08.12 02:51:17 (UTC)
Current status: finished
Result: 13/41 (31.71%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 JS:Redirector-H7
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 Trojan-Downloader.JS.Gumblar.a
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 JS:Redirector-H7
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 Trojan-Downloader.JS.Gumblar.a
McAfee 5706 2009.08.11 Obfuscated Script.f.gen.a
McAfee+Artemis 5706 2009.08.11 Obfuscated Script.f.gen.a
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.11 Trojan:JS/Gamburl.gen!A
NOD32 4327 2009.08.11 JS/TrojanDownloader.Agent.NQB.gen
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 JS/Gumbler.A
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 Troj/JSRedir-R
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 JS.Crypt.BQK

Additional information
File size: 2766 bytes
MD5...: d963565b1dbb10b354a309df74603292
SHA1..: 449a8352f21257d8cefec9f974a7dd10fa2c94b4
SHA256: fc53ffb981ce44a55a08dd6c7b5d5ac996335dc0a5bca6fb52 1517f4e2653a5d
ssdeep: 48:qHfHB0VrKxHhSWHzbHNjRHg9BHJhPHIHlHGHwT5s68/rW4lkal:8vB0EBhSAz
jNjhg9xJh/6dQw9s68/HCy
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File glupoe.htm received on 2009.08.12 02:51:29 (UTC)
Current status: finished
Result: 11/41 (26.83%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG
AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 HTML:IFrame-FG
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 JS/Downloader.gen
McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.ZKit.gen
Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen
NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 979 bytes
MD5...: 808d85bc894ccb50e10139649d2a7151
SHA1..: c1c43e0ebcd5a4fb0b23ffb9ea96c5471fb40742
SHA256: 6d14ca48ff0b9ca3da13832c1102f11341fbb18f32ec34c7af e5c1876e399738
ssdeep: 12:COeqJmrL9vBCYJU4X9qPf9QBLEHL+REkPwIHMU80Wk5XWvr RH8SojLZVIcsvg
b:CmC9vBF1X9of9oLN520Wk5cenP8Yb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File gmail.htm received on 2009.08.12 02:51:33 (UTC)
Current status: finished
Result: 3/41 (7.32%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 Trojan.Script.10715
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 Trojan.Script.10715
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 5110 bytes
MD5...: 752f9cd890981a8d92e4c019bd6246c0
SHA1..: f114c9c85141d830a96bdaf057acfa4058df3e32
SHA256: bf3a1392053c57b41d87d5f077fff883b5dc485d312d5743f4 ba32e0d0fe1f12
ssdeep: 96:VJzGJRYHX6SKwbZF11xZbOZwMDKPWUfKyAKjZpaVkOUPBfK yAKjZpaVYScF8:
VZSYHX6SKOjOSWVGjZpuU8GjZpacF8
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File pechal-naya.htm received on 2009.08.12 02:52:37 (UTC)
Current status: finished
Result: 10/41 (24.4%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG
AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 HTML:IFrame-FG
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 Exploit-IFrame
McAfee+Artemis 5706 2009.08.11 Exploit-IFrame
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 1581 bytes
MD5...: afa0df5f240682c62f54c84fe6323754
SHA1..: 08b2b4957d5d7cf9c5aa40d7a059a1d2325a7cf9
SHA256: 117f3cf08a6c4a632fb6b27e4ff4aca92f29bfeb33569cdca9 0e7fd4395e137f
ssdeep: 24:CNRRdnEtLyGVyNERRFNVRRPRRCN3RRPVB0i4YnjN3wd6CC8 R90Wk5cenFE8Yb
:glRGVcEXVbM3fV3CT90Wk5cenFs
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File TSepey.htm received on 2009.08.12 02:53:14 (UTC)
Current status: finished
Result: 14/41 (34.15%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG
AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent
BitDefender 7.2 2009.08.12 Trojan.IFrame.DD
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 Trojan-Downloader.JS.Iframe.as
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 Trojan.IFrame.DD
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 Trojan-Downloader.JS.Iframe.as
McAfee 5706 2009.08.11 JS/Downloader.gen
McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.ZKit.gen
Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen
NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 819 bytes
MD5...: 4ff723787eec5a99c47891d480c4439c
SHA1..: 2c5742b1e6186333012c0b8a85446aee240ce18d
SHA256: 1e0c3fee9ea45036ace417b5922678e9999b145b1a0fdd4f53 932734951281ed
ssdeep: 12:3wEJsXbotYoCpXm8BX4YmUSHWWYmHi7mM+JwmLdqIvmmewn pCXu080Wk5XWvr
RHS:niX0KX4x2M5p9eHXG0Wk5cenyYb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File usage.php received on 2009.08.12 02:53:21 (UTC)
Current status: finished
Result: 3/40 (7.5%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 Trojan/Linux.Prl
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 Trojan-Dropper.Linux.Prl.c
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 -
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 Trojan-Dropper.Linux.Prl.c
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 31634 bytes
MD5...: e0d4b54d790d14f82e9516860a1998bf
SHA1..: bc6557beff41f4f56008520a542aa4295ecf3a5f
SHA256: d082812e6c9ef66bd1bd9f7cf45483a9a990c5782bc96e5c0c 0f6b373fbeb1bb
ssdeep: 768:TPUB30rcBMf5ko00FvLicmc5rCtBsDm8FUhcRleaC44otb :TUd0gGvFvLiC5
rCXsDmg1RleXTC
PEiD..: -
TrID..: File type identification
ELF Executable and Linkable format (generic) (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File vnyat.htm received on 2009.08.12 02:53:24 (UTC)
Current status: finished
Result: 13/41 (31.71%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG
AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 Trojan-Clicker.HTML.IFrame.gv
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 HTML:IFrame-FG
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 Trojan-Clicker.HTML.IFrame.gv
McAfee 5706 2009.08.11 JS/Downloader.gen
McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.JS.InfectedPage.A
Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen
NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 2655 bytes
MD5...: c0834d65c23ca005ab9263d908dc4d6c
SHA1..: c74dce0106b6d40ab8256c85cfa35de6edb3be1e
SHA256: b7099557ba119e10338367a488a08c208693e44d400f66d5e6 0ce7ee2b217d26
ssdeep: 48:glRGVcEXVbM37lN33eWnnzp3+t+60Wk5ceneS:FcwWnzsmp neS
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

Добавлено через 1 час 18 минут

File install.exe received on 2009.08.12 04:20:48 (UTC)
Current status: finished
Result: 5/41 (12.2%)

a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 Downloader.Generic8.BEKZ
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 -
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.LooksLike.Win32.NewMalware.J
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 W32/DLoader.SAUZ
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 Trj/Downloader.WEX
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 Medium Risk Malware
Rising 21.42.20.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Additional information
File size: 534773 bytes
MD5...: 9ce4cc68d579428db7670ec9d69d780a
SHA1..: b19191c6e64fb599523014a50b18fc1adf668cc4
SHA256: c998f4989f9820415fdc77cfc82717d684d78d8f2c509d4678 fbd5d6c9150f69
ssdeep: 12288:zeTfTY/bO18VVhckZzyDaI0J9fMAJsyIKBnNzlEXSst1:ArKOOV3ckZm+ p
EAdIKBNzlsSw
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6b834
timedatestamp.....: 0x4a5caa12 (Tue Jul 14 15:53:54 2009)
machinetype.......: 0x14c (I386)
Prevx info: http://info.prevx.com/aboutprogramte...512700976D7FF5

**byrik** · 12.08.2009, 11:05

Файл CORELDRW.EXE получен 2009.08.12 06:18:26 (UTC)
Текущий статус: закончено
Результат: 24/41 (58.54%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.12 Virus.Win32.Virut!IK
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 W32/Virut.Gen
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 W32/Virut.AI!Generic
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 Win32/Virut
BitDefender 7.2 2009.08.12 Win32.Virtob.Gen.12
CAT-QuickHeal 10.00 2009.08.12 W32.Virut.G
ClamAV 0.94.1 2009.08.12 -
Comodo 1951 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 W32/Virut.AI!Generic
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 W32/Virut.CE
GData 19 2009.08.12 Win32.Virtob.Gen.12
Ikarus T3.1.1.64.0 2009.08.12 Virus.Win32.Virut
Jiangmin 11.0.800 2009.08.12 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 W32/Virut.n.gen
McAfee+Artemis 5706 2009.08.11 W32/Virut.n.gen
McAfee-GW-Edition 6.8.5 2009.08.11 Win32.Virut.Gen
Microsoft 1.4903 2009.08.12 Virus:Win32/Virut.gen!O
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 W32/Virut.CM
nProtect 2009.1.8.0 2009.08.12 Virus/W32.Virut.F
Panda 10.0.0.14 2009.08.11 W32/Sality.AO
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.20.00 2009.08.12 Win32.Virut.bm
Sophos 4.44.0 2009.08.12 W32/Scribble-B
Sunbelt 3.2.1858.2 2009.08.12 Virus.Win32.Virut.ce (v)
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 PE_VIRUX.GEN-2
VBA32 3.12.10.9 2009.08.12 Virus.Win32.Virut.X5
ViRobot 2009.8.12.1880 2009.08.12 Win32.Virut.AL
VirusBuster 4.6.5.0 2009.08.11 Win32.Virut.Y.Gen

Дополнительная информация
File size: 217088 bytes
MD5 : a15c187553cfe51c326d350690db2e04
SHA1 : a1c0255cc7f19e91d4ea68bf3d922a66616aec45
SHA256: 27174347e1fbca38576f979135cd18212767f7d2cce5aa988d 38c368b4ae4c9d
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x534D
timedatestamp.....: 0x3FCED9B6 (Thu Dec 4 07:52:38 2003)
machinetype.......: 0x14C (Intel I386)

**ISO** · 12.08.2009, 11:09

Файл new1.exe получен 2009.08.12 07:01:39 (UTC)
Результат: 21/41 (51.22%)

Код:

Антивирус 	Версия 	Обновление 	Результат
a-squared	4.5.0.24	2009.08.12	P2P-Worm.Win32.Palevo!IK
AhnLab-V3	5.0.0.2	2009.08.11	Win-Trojan/Buzus.37376.AD
AntiVir	7.9.1.0	2009.08.11	-
Antiy-AVL	2.0.3.7	2009.08.12	Trojan/Win32.Buzus.gen
Authentium	5.1.2.4	2009.08.12	W32/Palevo.A.gen!Eldorado
Avast	4.8.1335.0	2009.08.11	Win32:Delf-MKW
AVG	8.5.0.406	2009.08.12	-
BitDefender	7.2	2009.08.12	Backdoor.IRCBot.ACTN
CAT-QuickHeal	10.00	2009.08.12	-
ClamAV	0.94.1	2009.08.12	-
Comodo	1951	2009.08.12	TrojWare.Win32.Trojan.Delf.~T
DrWeb	5.0.0.12182	2009.08.12	Trojan.Flood.22022
eSafe	7.0.17.0	2009.08.11	Win32.TrjBuzus.Ha
eTrust-Vet	31.6.6672	2009.08.11	-
F-Prot	4.4.4.56	2009.08.11	W32/Palevo.A.gen!Eldorado
F-Secure	8.0.14470.0	2009.08.12	-
Fortinet	3.120.0.0	2009.08.12	PossibleThreat
GData	19	2009.08.12	Backdoor.IRCBot.ACTN
Ikarus	T3.1.1.64.0	2009.08.12	P2P-Worm.Win32.Palevo
Jiangmin	11.0.800	2009.08.12	-
K7AntiVirus	7.10.816	2009.08.11	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.08.12	-
McAfee	5706	2009.08.11	-
McAfee+Artemis	5706	2009.08.11	-
McAfee-GW-Edition	6.8.5	2009.08.11	-
Microsoft	1.4903	2009.08.12	Worm:Win32/Hamweq.A
NOD32	4327	2009.08.11	a variant of Win32/Injector.VW
Norman	6.01.09	2009.08.11	-
nProtect	2009.1.8.0	2009.08.12	Trojan/W32.Agent.37376.DG
Panda	10.0.0.14	2009.08.11	Trj/Buzus.HA
PCTools	4.4.2.0	2009.08.11	-
Prevx	3.0	2009.08.12	-
Rising	21.42.20.00	2009.08.12	Worm.Win32.DownLoader.ic
Sophos	4.44.0	2009.08.12	-
Sunbelt	3.2.1858.2	2009.08.12	-
Symantec	1.4.4.12	2009.08.12	Suspicious.MH690.A
TheHacker	6.3.4.3.381	2009.08.11	-
TrendMicro	8.950.0.1094	2009.08.12	-
VBA32	3.12.10.9	2009.08.12	Trojan.Win32.Buzus.brxz
ViRobot	2009.8.12.1880	2009.08.12	-
VirusBuster	4.6.5.0	2009.08.11	-

Дополнительная информация
File size: 37376 bytes
MD5...: d52d7b632dec3a89bc96a91b506dfa7e
SHA1..: 0f8b0b0258548ee0b04fd2e6fa516abf1f3ca5b3
SHA256: 2f31696cd9938d12b3cd436828faa5499790fed4d535158eb9 0e6a71dea0a4d4
ssdeep: 384:jqyuzDkUySFy8yoXVbft55r74rr7JPy+DQtlawEAzyvvZQ tdogXr+giT2p2B
azXw:jAM8yoXV7T5rM4Gw5yvvEj7mPBazXw3
PEiD..: -

Файл svchos.exe получен 2009.08.12 07:11:18 (UTC)
Текущий статус: закончено
Результат: 20/40 (50.00%)

Код:

Антивирус 	Версия 	Обновление 	Результат
a-squared 	4.5.0.24 	2009.08.12 	Trojan.Win32.Refroso!IK
AhnLab-V3 	5.0.0.2 	2009.08.11 	-
AntiVir 	7.9.1.0 	2009.08.11 	-
Antiy-AVL 	2.0.3.7 	2009.08.12 	Worm/Win32.Carrier.gen
Authentium 	5.1.2.4 	2009.08.12 	W32/Injector.J.gen!Eldorado
Avast 	4.8.1335.0 	2009.08.11 	Win32:PoisonIvy-IT
AVG 	8.5.0.406 	2009.08.12 	Generic14.PND
BitDefender 	7.2 	2009.08.12 	-
CAT-QuickHeal 	10.00 	2009.08.12 	-
ClamAV 	0.94.1 	2009.08.12 	-
Comodo 	1951 	2009.08.12 	-
DrWeb 	5.0.0.12182 	2009.08.12 	Trojan.MulDrop.30762
eSafe 	7.0.17.0 	2009.08.11 	-
eTrust-Vet 	31.6.6672 	2009.08.11 	-
F-Prot 	4.4.4.56 	2009.08.11 	W32/Injector.J.gen!Eldorado
F-Secure 	8.0.14470.0 	2009.08.12 	-
Fortinet 	3.120.0.0 	2009.08.12 	PossibleThreat
GData 	19 	2009.08.12 	Win32:PoisonIvy-IT
Ikarus 	T3.1.1.64.0 	2009.08.12 	Trojan.Win32.Refroso
Jiangmin 	11.0.800 	2009.08.12 	Trojan/Refroso.eh
K7AntiVirus 	7.10.816 	2009.08.11 	Trojan.Win32.Malware.1
Kaspersky 	7.0.0.125 	2009.08.12 	-
McAfee 	5706 	2009.08.11 	Backdoor-EBM
McAfee+Artemis 	5706 	2009.08.11 	Backdoor-EBM
McAfee-GW-Edition 	6.8.5 	2009.08.11 	-
Microsoft 	1.4903 	2009.08.12 	VirTool:Win32/Injector.gen!AC
NOD32 	4327 	2009.08.11 	probably a variant of Win32/Injector.VD
Norman 	6.01.09 	2009.08.11 	-
nProtect 	2009.1.8.0 	2009.08.12 	-
Panda 	10.0.0.14 	2009.08.11 	Generic Malware
PCTools 	4.4.2.0 	2009.08.11 	-
Rising 	21.42.20.00 	2009.08.12 	-
Sophos 	4.44.0 	2009.08.12 	-
Sunbelt 	3.2.1858.2 	2009.08.12 	-
Symantec 	1.4.4.12 	2009.08.12 	-
TheHacker 	6.3.4.3.381 	2009.08.11 	-
TrendMicro 	8.950.0.1094 	2009.08.12 	Cryp_Neb-2
VBA32 	3.12.10.9 	2009.08.12 	Trojan.Win32.Refroso.btv
ViRobot 	2009.8.12.1880 	2009.08.12 	Trojan.Win32.Downloader.26624.ED
VirusBuster 	4.6.5.0 	2009.08.11 	-

Дополнительная информация
File size: 68608 bytes
MD5 : 2329293297b6b593981e12b4877fe167
SHA1 : 009fc124ae022b41b3d0ba92a64c039ffbfb8be1
SHA256: 9f555faa47a4452529402049514296212ae498a2583dc7cb1a a953e04e441008
PEInfo: PE Structure information

Файл djdgfjdjd.exe получен 2009.08.12 07:15:19 (UTC)
Текущий статус:
Результат: 3/41 (7.32%)

Код:

Антивирус 	Версия 	Обновление 	Результат
a-squared	4.5.0.24	2009.08.12	-
AhnLab-V3	5.0.0.2	2009.08.11	-
AntiVir	7.9.1.0	2009.08.11	-
Antiy-AVL	2.0.3.7	2009.08.12	-
Authentium	5.1.2.4	2009.08.12	-
Avast	4.8.1335.0	2009.08.11	-
AVG	8.5.0.406	2009.08.12	-
BitDefender	7.2	2009.08.12	-
CAT-QuickHeal	10.00	2009.08.12	Trojan.Agent.ATV
ClamAV	0.94.1	2009.08.12	-
Comodo	1951	2009.08.12	-
DrWeb	5.0.0.12182	2009.08.12	-
eSafe	7.0.17.0	2009.08.11	Suspicious File
eTrust-Vet	31.6.6672	2009.08.11	-
F-Prot	4.4.4.56	2009.08.11	-
F-Secure	8.0.14470.0	2009.08.12	-
Fortinet	3.120.0.0	2009.08.12	-
GData	19	2009.08.12	-
Ikarus	T3.1.1.64.0	2009.08.12	-
Jiangmin	11.0.800	2009.08.12	-
K7AntiVirus	7.10.816	2009.08.11	-
Kaspersky	7.0.0.125	2009.08.12	-
McAfee	5706	2009.08.11	-
McAfee+Artemis	5706	2009.08.11	Suspect-29!1CE551A37CBC
McAfee-GW-Edition	6.8.5	2009.08.11	-
Microsoft	1.4903	2009.08.12	-
NOD32	4327	2009.08.11	-
Norman	6.01.09	2009.08.11	-
nProtect	2009.1.8.0	2009.08.12	-
Panda	10.0.0.14	2009.08.11	-
PCTools	4.4.2.0	2009.08.11	-
Prevx	3.0	2009.08.12	-
Rising	21.42.21.00	2009.08.12	-
Sophos	4.44.0	2009.08.12	-
Sunbelt	3.2.1858.2	2009.08.12	-
Symantec	1.4.4.12	2009.08.12	-
TheHacker	6.3.4.3.381	2009.08.11	-
TrendMicro	8.950.0.1094	2009.08.12	-
VBA32	3.12.10.9	2009.08.12	-
ViRobot	2009.8.12.1880	2009.08.12	-
VirusBuster	4.6.5.0	2009.08.11	-

Дополнительная информация
File size: 32768 bytes
MD5...: 1ce551a37cbc38a1c151b014cc526bc6
SHA1..: 4b1299a4e892764be130ed56e1fbcc2edb797188
SHA256: 79eaa20b688609ce419d3411f07c5d6e1c675d80cfffdeed3a cc3598423ed230
ssdeep: 768:C52qyKxcia7J37AepFr7RYt4zFWfbMIFCET18AM:e2qyK6 nJ3TpvWzt7p8AM
PEiD..: -

**Kuzz** · 12.08.2009, 15:31

Файл sdra64.exe получен 2009.08.12 11:36:21 (UTC)
Антивирус Версия Обновление Результат

Код:

a-squared	4.5.0.24	2009.08.12	-
AhnLab-V3	5.0.0.2	2009.08.12	Win-Trojan/Zbot.90624.D
AntiVir	7.9.1.0	2009.08.12	TR/Crypt.ZPACK.Gen
Antiy-AVL	2.0.3.7	2009.08.12	Trojan/Win32.Bancos.gen
Authentium	5.1.2.4	2009.08.12	-
Avast	4.8.1335.0	2009.08.11	Win32:Wali
AVG	8.5.0.406	2009.08.12	Win32/Cryptor
BitDefender	7.2	2009.08.12	-
CAT-QuickHeal	10.00	2009.08.12	TrojanBanker.Bancos.ezp
ClamAV	0.94.1	2009.08.12	-
Comodo	1953	2009.08.12	-
DrWeb	5.0.0.12182	2009.08.12	Trojan.PWS.Panda.122
eSafe	7.0.17.0	2009.08.11	-
eTrust-Vet	31.6.6673	2009.08.12	-
F-Prot	4.4.4.56	2009.08.11	-
F-Secure	8.0.14470.0	2009.08.12	-
Fortinet	3.120.0.0	2009.08.12	-
GData	19	2009.08.12	Win32:Wali
Ikarus	T3.1.1.64.0	2009.08.12	-
Jiangmin	11.0.800	2009.08.12	-
K7AntiVirus	7.10.816	2009.08.11	Trojan-Banker.Win32.Bancos.ezp
Kaspersky	7.0.0.125	2009.08.12	-
McAfee	5706	2009.08.11	-
McAfee+Artemis	5706	2009.08.11	Suspect-29!662BCDC96EE8
McAfee-GW-Edition	6.8.5	2009.08.12	Trojan.Crypt.ZPACK.Gen
Microsoft	1.4903	2009.08.12	PWS:Win32/Zbot.gen!R
NOD32	4328	2009.08.12	Win32/Spy.Zbot.TY
Norman	6.01.09	2009.08.11	-
nProtect	2009.1.8.0	2009.08.12	-
Panda	10.0.0.14	2009.08.11	-
PCTools	4.4.2.0	2009.08.11	-
Prevx	3.0	2009.08.12	-
Rising	21.42.23.00	2009.08.12	-
Sophos	4.44.0	2009.08.12	-
Sunbelt	3.2.1858.2	2009.08.12	Trojan-Downloader.Tibs.gen (v)
Symantec	1.4.4.12	2009.08.12	Packed.Generic.232
TheHacker	6.3.4.3.381	2009.08.11	-
TrendMicro	8.950.0.1094	2009.08.12	-
VBA32	3.12.10.9	2009.08.12	Trojan-Banker.Win32.Bancos.ezp
ViRobot	2009.8.12.1881	2009.08.12	-
VirusBuster	4.6.5.0	2009.08.11	-

Дополнительная информация
File size: 283136 bytes
MD5...: 662bcdc96ee813d04c7e6fb08534f079
SHA1..: 9c33adfdfcb435e46192c8823ae64170deb6c338
SHA256: f02ea121555317f95bd3dcccef51176b6ba4641314593d9b88 9f50528ced8f17
ssdeep: 6144:SNp5OsvTSj21dL7J3egClQBq0cP6amj+aLWxM8VSwtpHz N9DM:+OceO06Bn amjcxMAtpTNdM 
PEiD..: -
TrID..: File type identification Win32 Executable MS Visual C++ (generic) (53.1%) Windows Screen Saver (18.4%) Win32 Executable Generic (12.0%) Win32 Dynamic Link Library (generic) (10.6%) Generic Win/DOS Executable (2.8%)

**senyak** · 12.08.2009, 20:10

Файл avz00003.dta получен 2009.08.12 15:43:13 (UTC)
Текущий статус: закончено
Результат: 15/41 (36.59%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.12 Win-Trojan/SpamMailer.27525
AntiVir 7.9.1.0 2009.08.12 -
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.12 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.12 Win32/Heur
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1955 2009.08.12 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.12 Trojan.MulDrop.33201
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6673 2009.08.12 -
F-Prot 4.4.4.56 2009.08.12 -
F-Secure 8.0.14470.0 2009.08.12 -
Fortinet 3.120.0.0 2009.08.12 PossibleThreat
GData 19 2009.08.12 Win32:Trojan-gen {Other}
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.12 -
K7AntiVirus 7.10.817 2009.08.12 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 Artemis!CB074F6549DA
McAfee-GW-Edition 6.8.5 2009.08.12 -
Microsoft 1.4903 2009.08.12 Trojan:Win32/Meredrop
NOD32 4329 2009.08.12 a variant of Win32/Wigon.LW
Norman 6.01.09 2009.08.12 -
nProtect 2009.1.8.0 2009.08.12 Trojan/W32.Agent.27525.B
Panda 10.0.0.14 2009.08.11 Suspicious file
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.12 -
Rising 21.42.23.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 Trojan Horse
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.12.1881 2009.08.12 Dropper.Agent.27526
VirusBuster 4.6.5.0 2009.08.12 -

Дополнительная информация
File size: 27525 bytes
MD5...: cb074f6549dadd76904adcb6f509024c
SHA1..: 484a209b1c3e43d27d2089713fa34167a8f67510
SHA256: 469c7ce301e82a12c8736480b2dea062cc2c28756b37be73e6 7caa56460ddea7
ssdeep: 384:/0sk4SQSkBwgyn9MdwjFZ6CrcSdFWj3dAW4hd2NgMyOb2rg8kk//+fQceVFb
RgnO:/0sqR/jFZ1rPCrdvNgM4wkefQhbRgTp8
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...ea7-1250091793

Файл jrsfzxgd.exe получен 2009.08.12 16:15:51 (UTC)
Текущий статус: закончено
Результат: 25/41 (60.98%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.12 Trojan-Proxy.Win32.Verind!IK
AhnLab-V3 5.0.0.2 2009.08.12 Win-Trojan/amGfauxhsX.5120
AntiVir 7.9.1.0 2009.08.12 BDS/Backdoor.Gen
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 W32/Trojan-Sml-SDCW!Eldorado
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.12 Generic13.CADV
BitDefender 7.2 2009.08.12 Gen:Trojan.Heur.PT.amGfaK!uLCl
CAT-QuickHeal 10.00 2009.08.12 Trojan.Agent.ATV
ClamAV 0.94.1 2009.08.12 -
Comodo 1955 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 Trojan.Proxy.origin
eSafe 7.0.17.0 2009.08.11 Suspicious File
eTrust-Vet 31.6.6673 2009.08.12 Win32/Fifibe!generic
F-Prot 4.4.4.56 2009.08.12 W32/Trojan-Sml-SDCW!Eldorado
F-Secure 8.0.14470.0 2009.08.12 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 Gen:Trojan.Heur.PT.amGfaK!uLCl
Ikarus T3.1.1.64.0 2009.08.12 Trojan-Proxy.Win32.Verind
Jiangmin 11.0.800 2009.08.12 -
K7AntiVirus 7.10.817 2009.08.12 Virus.Win32.Sality.AA
Kaspersky 7.0.0.125 2009.08.12 Heur.Trojan.Generic
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 Suspect-29!0C87865D034A
McAfee-GW-Edition 6.8.5 2009.08.12 Heuristic.LooksLike.Win32.Suspicious.H!81
Microsoft 1.4903 2009.08.12 TrojanProxy:Win32/Verind.A
NOD32 4329 2009.08.12 a variant of Win32/Small.BB
Norman 6.01.09 2009.08.12 W32/Malware
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.12 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.12 -
Rising 21.42.23.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 BehavesLike.Win32.Malware (v)
Symantec 1.4.4.12 2009.08.12 Backdoor.Trojan
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 PAK_Generic.001
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.12.1881 2009.08.12 -
VirusBuster 4.6.5.0 2009.08.12 -

Дополнительная информация
File size: 5120 bytes
MD5...: 0c87865d034ab936b0be86532f5b4300
SHA1..: 69b3b452008de61d4cb08e43d999d2e52e90dc3f
SHA256: eb4f25b6c964065da80fe52d805d6723dfcd7a7474ebb4bfaf a5baa9995ad2b0
ssdeep: 96:QQXJ8vfYA2/NU3az+pKM+kYgXMHP1AfEheKCR:9uIA2nz+8MxnaWfeeP
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...2b0-1250093751

**valho** · 13.08.2009, 16:29

File i.php received on 2009.08.13 11:38:44 (UTC)
Current status: finished
Result: 6/41 (14.64%)

a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.12 -
AntiVir 7.9.1.1 2009.08.13 EXP/SWF.28992
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 SWFownloader-G
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1964 2009.08.13 -
DrWeb 5.0.0.12182 2009.08.13 Exploit.SWF.115
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.12 -
F-Secure 8.0.14470.0 2009.08.13 -
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 SWFownloader-G
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 -
McAfee+Artemis 5707 2009.08.12 -
McAfee-GW-Edition 6.8.5 2009.08.13 Exploit.SWF.28992
Microsoft 1.4903 2009.08.13 TrojanDownloader:Win32/Swif.I
NOD32 4331 2009.08.13 -
Norman 6.01.09 2009.08.12 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.32.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -

Additional information
File size: 8235 bytes
MD5...: 8fc7f1182c56f9508ae27fdfd1b7f0cc
SHA1..: 403fa78b76444d091fecfb910f72a79d36ed290d
SHA256: 1f72afd5b2093d0eb198415d11f1408b434a213d0c874cbeb5 df5e4e18302c60
ssdeep: 192:e4rET07JrqSTMiK0MqnFcf37sLRHr2C0cT7ZgR33Oz/tgUYwKEK+v2X/jwN:
ewasrqIg016oLRHrn7ZRtk62vcN
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): packed

Добавлено через 44 минуты

джоинер
File RJoiner_private.exe received on 2009.08.13 12:31:33 (UTC)
Current status: finished
Result: 27/41 (65.86%)

a-squared 4.5.0.24 2009.08.13 Trojan.MulDrop!IK
AhnLab-V3 5.0.0.2 2009.08.13 Win-Trojan/Xema.variant
AntiVir 7.9.1.1 2009.08.13 SPR/Tool.MultiDrop
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 W32/Dropper.EIT
Avast 4.8.1335.0 2009.08.12 Win32:Tiny-NX
AVG 8.5.0.406 2009.08.13 Dropper.Generic.AIJY
BitDefender 7.2 2009.08.13 Trojan.Generic.199723
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 Trojan.Dropper-3804
Comodo 1964 2009.08.13 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.13 Trojan.MulDrop.8198
eSafe 7.0.17.0 2009.08.11 Win32.Banker
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 W32/Dropper.EIT
F-Secure 8.0.14470.0 2009.08.13 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 Trojan.Generic.199723
Ikarus T3.1.1.64.0 2009.08.13 Trojan.MulDrop
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 Generic.dx
McAfee+Artemis 5707 2009.08.12 Generic.dx
McAfee-GW-Edition 6.8.5 2009.08.13 Trojan.Crypt.XPACK.Gen
Microsoft 1.4903 2009.08.13 Trojan:Win32/Meredrop
NOD32 4331 2009.08.13 a variant of Win32/TrojanDropper.Rjoin
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 Trojan/W32.Agent.588303
Panda 10.0.0.14 2009.08.12 Trj/CI.A
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 High Risk System Back Door
Rising 21.42.33.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 Backdoor.Sdbot
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 Possible_Mlwr-13
VBA32 3.12.10.9 2009.08.13 suspected of Embedded.Trojan-Dropper.Win32.Tiny.o
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -

Additional information
File size: 588303 bytes
MD5...: 7f2a61a3c87402f7d3d18f8564051cd7
SHA1..: e17016f2cee2c688259e8a58687399987110518f
SHA256: 817279550d79e52b18af29b25fce85bbc4bb57fbea1c61fd94 adc5ec9b253877
ssdeep: 6144:320hO6kwpKJe+nqRv6BcWTUvZnpW0FW5VuYtX0G3ouODX xAQR5uC4z3u:32
XgwSQoZnpTFWLuYyG8DXhRUC4Lu
PEiD..: Armadillo v1.71
TrID..: File type identification
Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x276c
timedatestamp.....: 0x45aa46c1 (Sun Jan 14 15:05:37 2007)
machinetype.......: 0x14c (I386)
Prevx info: http://info.prevx.com/aboutprogramte...683B00DE66270C

**senyak** · 13.08.2009, 18:40

Опять сельсовет

Файл advapi3.dll получен 2009.08.13 13:35:56 (UTC)
Текущий статус: закончено
Результат: 14/41 (34.15%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.13 Trojan.Win32.Smardf!IK
AhnLab-V3 5.0.0.2 2009.08.13 -
AntiVir 7.9.1.1 2009.08.13 DR/Delphi.Gen
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
DrWeb 5.0.0.12182 2009.08.13 Trojan.Siggen.3294
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
F-Secure 8.0.14470.0 2009.08.13 Trojan.Win32.Smardf.jxm
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 -
Ikarus T3.1.1.64.0 2009.08.13 Trojan.Win32.Smardf
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 Trojan.Win32.Smardf.jxm
McAfee 5707 2009.08.12 -
McAfee+Artemis 5707 2009.08.12 Artemis!33508D9EBC8C
McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.BehavesLike.Win32.Dropper.B
Microsoft 1.4903 2009.08.13 TrojanDropper:Win32/Boaxxe.G
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 W32/DLoader.TDST
nProtect 2009.1.8.0 2009.08.13 Trojan/W32.Smardf.124416.D
Panda 10.0.0.14 2009.08.12 Generic Trojan
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 High Risk Fraudulent Security Program
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 Downloader
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -

Дополнительная информация
File size: 124416 bytes
MD5...: 33508d9ebc8cf3c04dc2b310027f28a5
SHA1..: 6416dfb7bdf8588b2f3b1c58be098b345cc7a048
SHA256: faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6f f137c660144530
ssdeep: 1536:wIq+E53FXSNRPV+w8hcqLNhrgIvNSFC/6MIvcg9BkQmwTvaDTfNWtHiG7E9
6RXUg

aFCNRPV+wycOSFNmwTvaDUHFELS9xcC
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...530-1250170556

Файл eng_1_.htm получен 2009.08.13 13:43:21 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.13 -
AntiVir 7.9.1.1 2009.08.13 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 JSacked-AL
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
DrWeb 5.0.0.12182 2009.08.13 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
F-Secure 8.0.14470.0 2009.08.13 Trojan-Downloader.JS.Iframe.aey
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 JSacked-AL
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 Trojan-Downloader.JS.Iframe.aey
McAfee 5707 2009.08.12 JS/Generic Exploit.j
McAfee+Artemis 5707 2009.08.12 JS/Generic Exploit.j
McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.BehavesLike.JS.Suspicious.B
Microsoft 1.4903 2009.08.13 VirTool:JS/Obfuscator.H
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 Mal/ObfJS-M
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -

Дополнительная информация
File size: 6470 bytes
MD5...: c2fb62a36f5f24c948b04abf6859844c
SHA1..: d2190eeff2f6d12a467c4c26ebb2e5c5568a817c
SHA256: 06f5f5ec59ab5cf89f42697f798ab978b2e6534dcbe47faf86 c9453dec22fb22
ssdeep: 192:EnQCHz9CJ5NrZjkjDmPTC9iJoNA+p8qVdd:af9CJ5N9lPx 2G+p8c
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...b22-1250171001

Файл ntfs.sys.000 получен 2009.08.13 14:25:56 (UTC)
Текущий статус: закончено
Результат: 8/41 (19.52%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.13 -
AntiVir 7.9.1.1 2009.08.13 RKIT/Kobcka.Patched.A
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 Rootkit-Pakes.M
BitDefender 7.2 2009.08.13 Rootkit.Kobcka.Patched.A
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
DrWeb 5.0.0.12182 2009.08.13 BackDoor.Bulknet.404
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
F-Secure 8.0.14470.0 2009.08.13 -
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 Rootkit.Kobcka.Patched.A
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 -
McAfee+Artemis 5707 2009.08.12 Suspect-29!93913FEC6578
McAfee-GW-Edition 6.8.5 2009.08.13 Rootkit.Kobcka.Patched.A
Microsoft 1.4903 2009.08.13 VirTool:WinNT/Cutwail.L
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.13 -

Дополнительная информация
File size: 619200 bytes
MD5...: 93913fec6578aecc929563dab3e5e428
SHA1..: c90fd4bbb015884b90ce927c24558f8714ae1857
SHA256: b6ab9a961f1d0a473e4b73ea60dd65fa4fcf4d2fe5672f02f4 419792b4f32748
ssdeep: 6144:FYvlJCuNJ3Loj+sr/rwFSrS8yXtiwOxHzlxFR0Pd4s3BSCx4PTaQrkvH0jp
d7cXR:yJCC+H+SO8gdoEBRSCyba8PjkX4VU
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...748-1250173556

Файл ScbData.exe получен 2009.08.13 14:29:39 (UTC)
Текущий статус: закончено
Результат: 30/41 (73.18%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.13 Backdoor.Win32.Hupigon!IK
AhnLab-V3 5.0.0.2 2009.08.13 Win-Trojan/Hupigon.502784.Y
AntiVir 7.9.1.1 2009.08.13 BDS/Hupigon.MY.19
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 W32/Agent.GMB
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 Win32/Heur
BitDefender 7.2 2009.08.13 Backdoor.Hupigon.MY
CAT-QuickHeal 10.00 2009.08.13 Trojan.Agent.ATV
ClamAV 0.94.1 2009.08.13 Trojan.PcClient-2361
Comodo 1965 2009.08.13 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.13 -
eSafe 7.0.17.0 2009.08.13 Win32.PcClient
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 W32/Agent.GMB
F-Secure 8.0.14470.0 2009.08.13 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.08.13 W32/HUPIGON.EAU!tr.bdr
GData 19 2009.08.13 Backdoor.Hupigon.MY
Ikarus T3.1.1.64.0 2009.08.13 Backdoor.Win32.Hupigon
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 BackDoor-AWQ.b
McAfee+Artemis 5707 2009.08.12 BackDoor-AWQ.b
McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.LooksLike.Trojan.Dropper.C
Microsoft 1.4903 2009.08.13 -
NOD32 4332 2009.08.13 probably a variant of Win32/Delf
Norman 6.01.09 2009.08.13 W32/Packed_NsPack.I
nProtect 2009.1.8.0 2009.08.13 Backdoor/W32.Hupigon.502784
Panda 10.0.0.14 2009.08.12 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.08.12 Packed/NSPack
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 Mal/Packer
Sunbelt 3.2.1858.2 2009.08.13 Packer.NSAnti.Gen (v)
Symantec 1.4.4.12 2009.08.13 Backdoor.Trojan
TheHacker 6.3.4.3.383 2009.08.13 W32/Behav-Heuristic-067
TrendMicro 8.950.0.1094 2009.08.13 BKDR_HUPIGON.EAU
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.13 Packed/NSPack

Дополнительная информация
File size: 502784 bytes
MD5...: 6d192a0924d1565097c9e0ef068031cf
SHA1..: cb225bedacd6d1b614a1557209e144563216d818
SHA256: 7bd1d8a97253193c2f73cfff4777622d126330104b755e2f07 230b19ea490546
ssdeep: 6144:tO0eBeuipeiuhPlS1Ew5EUOKQ71Yk29Lu7W1Q55HiD+th m+grcqHEXIkwqJ
6wUvC:tO0eBEpe91li5wDos7WGSQAJ9HEw64v
PEiD..: NSPack 3.x -> Liu Xing Ping
TrID..: File type identification
Win32 EXE Yoda's Crypter (56.8%)
Win32 Executable Generic (18.2%)
Win32 Dynamic Link Library (generic) (16.2%)
Generic Win/DOS Executable (4.2%)
DOS Executable Generic (4.2%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...546-1250173779

Файл win_1_.jpg получен 2009.08.13 14:45:05 (UTC)
Текущий статус: закончено
Результат: 17/40 (42.5%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.13 Exploit.Win32.DirektShow!IK
AhnLab-V3 5.0.0.2 2009.08.13 -
AntiVir 7.9.1.1 2009.08.13 EXP/DirektShow.A
Antiy-AVL 2.0.3.7 2009.08.13 Exploit/Win32.DirektShow
Authentium 5.1.2.4 2009.08.13 DirektShow.A
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 Trojan.Downloader.Fostrem
Comodo 1965 2009.08.13 TrojWare.Win32.Exploit.DirektShow.a
DrWeb 5.0.0.12182 2009.08.13 -
eSafe 7.0.17.0 2009.08.13 Win32.Horse
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
F-Secure 8.0.14470.0 2009.08.13 Exploit.Win32.DirektShow.a
Fortinet 3.120.0.0 2009.08.13 Data/MsVidCtl.A!exploit
GData 19 2009.08.13 -
Ikarus T3.1.1.64.0 2009.08.13 Exploit.Win32.DirektShow
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 Exploit.Win32.DirektShow.a
McAfee 5707 2009.08.12 Exploit-MSDirectShow.b
McAfee+Artemis 5707 2009.08.12 Exploit-MSDirectShow.b
McAfee-GW-Edition 6.8.5 2009.08.13 Downloader.Fostrem
Microsoft 1.4903 2009.08.13 -
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 Exploit/DirektShow.A
PCTools 4.4.2.0 2009.08.12 -
Rising 21.42.34.00 2009.08.13 Hack.Exploit.Win32.CVE-2008-0015.a
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 Downloader.Fostrem
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.13 -

Дополнительная информация
File size: 63 bytes
MD5...: c26a70a02442035a7836c1f6d0a50bf0
SHA1..: 3f36e6c0deb823d0497c8c91f957c52b1de8addb
SHA256: a58e3a42daf56fa95d67a157b9c699e43e89e254bcc717ff04 d9d19d1ffb40b4
ssdeep: 3:/5ltfRJLn:/7bln
PEiD..: -
TrID..: File type identification
Adobe PhotoShop Brush (49.3%)
BONK lossless/lossy audio compressor (49.3%)
Sybase iAnywhere database files (0.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

http://www.virustotal.com/ru/analisi...0b4-1250174705

**valho** · 15.08.2009, 17:23

Посмотрел пару ссылок которые были на твиттере закодированные BASE64
File body received on 2009.08.15 13:17:06 (UTC)
Current status: finished
Result: 5/41 (12.2%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.14 W32/Heuristic-KPP!Eldorado
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1978 2009.08.14 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.14 W32/Heuristic-KPP!Eldorado
F-Secure 8.0.14470.0 2009.08.15 Trojan-Banker.Win32.Banker.alwe
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 Trojan-Banker.Win32.Banker.alwa
McAfee 5709 2009.08.14 -
McAfee+Artemis 5709 2009.08.14 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.14 Suspicious file
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -

Additional information
File size: 178792 bytes
MD5...: 1a81e69e65b75f8b9e72e94c6f86a52b
SHA1..: 41b6344da04df875368eb5f87e10c00df8e1ccbb
SHA256: 2d4af620b5ec07325927b78431835466575b72c4a616049ff5 8e2cef6e3091b7
ssdeep: 3072:ok2t51Sf3Y+O/8qkaQ7NuASq6fknbxqpQXUG3ijtCi95C2lbbISaCXkCtsF
dy:oH50PY+OkqkP7RYknbxJUG3ijx95hdUw
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): MIME.Broken, PE_Patch.UPX, UPX
packers (Authentium): base64, UPX
packers (F-Prot): base64, UPX

File body received on 2009.08.15 13:25:48 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.14 W32/EmailRisk.A!Camelot
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1965 2009.08.14 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.14 -
F-Secure 8.0.14470.0 2009.08.15 Trojan-Banker.Win32.Banker.alvx
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 Trojan-Banker.Win32.Banker.alww
McAfee 5709 2009.08.14 -
McAfee+Artemis 5709 2009.08.14 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.14 Suspicious file
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -

Additional information
File size: 180064 bytes
MD5...: a5051a6e5365bdc4dd8267e62d3e2902
SHA1..: 441a4a1e35582b7822e00ec88b453f4df6ace3ef
SHA256: 11f3b7d0ec11e9ea44f4d8a81860d9a5d63d38a95ee677044f 20e0fcb52f8218
ssdeep: 3072:VTRPvNxJSWmo5SfI7NwQSWNAQ19wCQsBiYk+zYLrztb7D 49huV1U81QQ:H9
l7eqAQ19NFiYk+zYdOs3B1Z
PEiD..: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
packers (Kaspersky): MIME.Broken, MPRESS, PE_Patch.UPX, UPX
packers (F-Prot): base64, UPX
packers (Authentium): base64

**senyak** · 15.08.2009, 19:24

Файл Book_4310.exe получен 2009.08.15 15:29:54 (UTC)
Текущий статус: закончено
Результат: 5/41 (12.2%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.15 Trojan-Downloader.Adload!IK
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 ADSPY/AdSpy.Gen
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.14 -
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1978 2009.08.14 -
DrWeb 5.0.0.12182 2009.08.15 Adware.FieryAds.22
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.14 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
Ikarus T3.1.1.64.0 2009.08.15 Trojan-Downloader.Adload
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 Ad-Spyware.AdSpy.Gen
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -

Дополнительная информация
File size: 2839109 bytes
MD5...: 8f009d05aaca2a4ac75084b7b57ffada
SHA1..: 4d51d689cf000b433979723828241563737d8833
SHA256: b612c33016c3cf543f666137056b4eec784d6a03d8a5ad7d6f 4d48505a1b0494
ssdeep: 49152:jkBxIqMYEU9xgiczfxqBMcTUV+FQ1oXoi3O8FZE++PPI o0E3TfkT9Dvg2e
5E+B7F:gBxgxU9xSzfxqicTY++yXz3LFYPP4T5Y
PEiD..: ASProtect v1.23 RC1
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...494-1250350194

**9073** · 15.08.2009, 19:32

А где можно статистику посмотреть?

**valho** · 16.08.2009, 06:49

File l.phpfxe received on 2009.08.15 20:27:59 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.14 JS:Pdfka-KR
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1981 2009.08.15 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 JS:Pdfka-KR
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.15 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -

Additional information
File size: 6338 bytes
MD5...: 6493f1bd8bad9ead58475a903fb0acbd
SHA1..: cceeda2aa8d80e10ea82a20e128f69ed7cba35f9
SHA256: cc7685a8bf3dd1c7b296b780a8f95a137b9349e2f28966c433 ddbbe856ca8cc0
ssdeep: 192:0HpcC/qyYfyljhW2hhouZH0cbdnVTrwW11zTAkk:4pcCSyYfyljhlfoa H0cb
dnVTrwWjvxk
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

Добавлено через 6 часов 2 минуты

2 Порно-баннера
File mediamodule.wsf received on 2009.08.16 02:17:55 (UTC)
Current status: finished
Result: 0/41 (0%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.16 -
GData 19 2009.08.16 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.16 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -

Additional information
File size: 163339 bytes
MD5...: 38a583d21abe894867e4e04ec2412f45
SHA1..: a4a547c80482d147117c10bc5e07c5191cd9923f
SHA256: a80402d559067c18d6c55a192eba5275154af7b380324c3c16 746da21ea07274
ssdeep: 3072:lJ436MPJeN8g/PVk+gS0vONH15XoYWJzRo+ZbPWDz/z/MtsMeKXURF7LlFw
RTJd:l67JeKp+gS0vONH15XoYWJ9zbWzDOsMV
PEiD..: -
TrID..: File type identification
Generic XML (ASCII) (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File msmedia.dll received on 2009.08.16 02:32:11 (UTC)
Current status: finished
Result: 6/41 (14.64%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 TR/BHO.cnd.11
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
CAT-QuickHeal 10.00 2009.08.13 Trojan.BHO.xxx
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.16 -
GData 19 2009.08.16 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 Trojan/BHO.hry
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.16 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.16 Trojan.BHO.cnd.11
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
Panda 10.0.0.14 2009.08.15 Adware/WebSearch
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 High Risk Fraudulent Security Program
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -

Additional information
File size: 12800 bytes
MD5...: 9b38d561fe668ab63e0235bb68376264
SHA1..: 04ed2910439896bc09e5c7faf664354db91eccb1
SHA256: cbee213f302d4f0a84d7649e26e0fe06335ea083b594f66775 2936ad1ca3ac16
ssdeep: 192:Ib0eptbbmhWFxl2s4+i2MLjcW6hxhMKQABdX/:IIefbbGWrgs4+i2MLD6hMK
ddv
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x268c
timedatestamp.....: 0x4a867db7 (Sat Aug 15 09:19:51 2009)
machinetype.......: 0x14c (I386)
Prevx info: http://info.prevx.com/aboutprogramte...C74800DB7C31AF

File datafeeder.wsf received on 2009.08.16 02:19:25 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 JS:XmlPack-C
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 Packed.JS.XMLPack.f
Fortinet 3.120.0.0 2009.08.16 -
GData 19 2009.08.16 JS:XmlPack-C
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.16 Packed.JS.XMLPack.f
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -

Additional information
File size: 105923 bytes
MD5...: fb046d8b30f072e14c2be00bf02ce751
SHA1..: 8f1bbc3f5a11c831d15f3cebacfeaf5f08e1ee49
SHA256: 46cbdd5d1679fa2da5baf46e7c7d4e5d57db32622ca3055d22 e1d83b204758ab
ssdeep: 1536:n0x4jNBhowEwLXIEb8NDHe6qGUMO28uB60QbOC:n00dWD e
PEiD..: -
TrID..: File type identification
file seems to be plain text/ASCII (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

File bpfeed.dll received on 2009.08.16 02:32:08 (UTC)
Current status: finished
Result: 29/41 (70.73%)

a-squared 4.5.0.24 2009.08.15 Trojan.Win32.BHO!IK
AhnLab-V3 5.0.0.2 2009.08.15 Win-Trojan/Bho.12288.K
AntiVir 7.9.1.1 2009.08.14 TR/BHO.cnd.11
Antiy-AVL 2.0.3.7 2009.08.14 Trojan/Win32.BHO.gen
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.15 Generic13.AVZX
BitDefender 7.2 2009.08.16 Trojan.Generic.IS.591961
CAT-QuickHeal 10.00 2009.08.13 Trojan.BHO.suf
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 TrojWare.Win32.BHO.suf
DrWeb 5.0.0.12182 2009.08.16 Trojan.Blackmailer.origin
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 Trojan.Win32.BHO.suf
Fortinet 3.120.0.0 2009.08.16 W32/BHO.SUF!tr
GData 19 2009.08.16 Trojan.Generic.IS.591961
Ikarus T3.1.1.64.0 2009.08.15 Trojan.Win32.BHO
Jiangmin 11.0.800 2009.08.15 Trojan/BHO.gvz
K7AntiVirus 7.10.819 2009.08.14 Trojan.Win32.BHO.suf
Kaspersky 7.0.0.125 2009.08.16 Trojan.Win32.BHO.suf
McAfee 5710 2009.08.15 Ransom-J
McAfee+Artemis 5710 2009.08.15 Ransom-J
McAfee-GW-Edition 6.8.5 2009.08.16 Trojan.BHO.cnd.11
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 Win32/Adware.Agent.NMG
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 Trojan/W32.BHO.12288.H
Panda 10.0.0.14 2009.08.15 Trj/CI.A
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 High Risk Cloaked Malware
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 Troj/BHO-MQ
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 Adware.Gen
TheHacker 6.3.4.3.383 2009.08.13 Trojan/BHO.suf
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 Trojan.Win32.BHO.suf
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 Trojan.BHO.VGM

Additional information
File size: 12288 bytes
MD5 : f86854e5edd2f2a4eb730d1e59bd3154
SHA1 : bf2329a0f7f8de8b5632851852d52f155c091f35
SHA256: 5ff9068b7af8ddbdc2802ac1da44e95d5891e19834e8915c4e 36cbfbb9bc94fb
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2515
timedatestamp.....: 0x4A0D3014 (Fri May 15 11:04:20 2009)
machinetype.......: 0x14C (Intel I386)
Prevx Info: http://info.prevx.com/aboutprogramte...2D4500FBF1DE36

Исследование антивирусов 7

Опции темы

Похожие темы

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 4

Исследование антивирусов 3

Исследование антивирусов 2

Метки для этой темы

Ваши права в разделе