Исследование антивирусов 4

**ISO** · 13.10.2006, 13:27

Complete scanning result of "avz00001.dta", received in VirusTotal at 10.13.2006, 11:12:17 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.13.2006 no virus found
Authentium 4.93.8 10.13.2006 Possibly a new variant of W32/Bongler-based
Avast 4.7.892.0 10.12.2006 no virus found
AVG 386 10.12.2006 no virus found
BitDefender 7.2 10.13.2006 DeepScan:Generic.Stration.102D26B8
CAT-QuickHeal 8.00 10.12.2006 no virus found
ClamAV devel-20060426 10.12.2006 no virus found
DrWeb 4.33 10.13.2006 no virus found
eTrust-InoculateIT 23.73.21 10.12.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
Ewido 4.0 10.13.2006 no virus found
Fortinet 2.82.0.0 10.13.2006 no virus found
F-Prot 3.16f 10.12.2006 Possibly a new variant of W32/Bongler-based
F-Prot4 4.2.1.29 10.13.2006 W32/Bongler-based
Ikarus 0.2.65.0 10.12.2006 no virus found
Kaspersky 4.0.2.24 10.13.2006 no virus found
McAfee 4872 10.12.2006 no virus found
Microsoft 1.1603 10.13.2006 no virus found
NOD32v2 1.1802 10.13.2006 Win32/Stration.HJ
Norman 5.80.02 10.13.2006 no virus found
Panda 9.0.0.4 10.12.2006 no virus found
Sophos 4.10.0 10.13.2006 no virus found
TheHacker 6.0.1.097 10.13.2006 no virus found
UNA 1.83 10.12.2006 I-Worm.Warezov
VBA32 3.11.1 10.12.2006 no virus found
VirusBuster 4.3.7:9 10.12.2006 no virus found

Aditional Information
File size: 110592 bytes
MD5: 966783485732d8e722652604a0ca0c5f
SHA1: 9c23c230d4d233b255121fe658bdb08b62ae2193

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**UkrZilla** · 13.10.2006, 18:51

Complete scanning result of "gozel.jpg.exe", received in VirusTotal at 10.13.2006, 16:43:21 (CET).

AntiVir 7.2.0.30 10.13.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.13.2006 Win32:Trojano-1134
AVG 386 10.13.2006 PSW.Banker.25.S
BitDefender 7.2 10.13.2006 no virus found
CAT-QuickHeal 8.00 10.12.2006 no virus found
ClamAVdevel-20060426 10.13.2006 no virus found
DrWeb 4.33 10.13.2006 Trojan.Peflog.30
eTrust-InoculateIT 23.73.21 10.12.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
Ewido 4.0 10.13.2006 no virus found
Fortinet 2.82.0.0 10.13.2006 Keylog/PerfLogger
F-Prot3.16f 10.12.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.13.2006 no virus found
Kaspersky 4.0.2.24 10.13.2006 not-a-virus:Monitor.Win32.Perflogger.al
McAfee 4872 10.12.2006 no virus found
Microsoft 1.1603 10.13.2006 no virus found
NOD32v2 1.1802 10.13.2006 no virus found
Norman 5.90.23 10.13.2006 W32/Banker.HVH
Panda 9.0.0.4 10.13.2006 no virus found
Sophos 4.10.0 10.13.2006 no virus found
TheHacker 6.0.1.097 10.13.2006 no virus found
UNA 1.83 10.12.2006 no virus found
VBA32 3.11.1 10.12.2006 Trojan-Downloader.Win32.Agent.fz
VirusBuster 4.3.7:9 10.13.2006 no virus found

Aditional Information
File size: 283288
bytesMD5: b721e87eb9e8be9a27b68f17d49edfea
SHA1: c72dfd0d775a47b61939f5f9ededc543b71d8604
packers: RAR

**Exxx** · 14.10.2006, 18:47

Complete scanning result of "secret-porn-video.zip", received in VirusTotal at 10.14.2006, 15:51:35 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.14.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.13.2006 Win32

elf-AMI
AVG 386 10.13.2006 no virus found
BitDefender 7.2 10.14.2006 no virus found
CAT-QuickHeal 8.00 10.14.2006 no virus found
ClamAV devel-20060426 10.14.2006 no virus found
DrWeb 4.33 10.14.2006 Trojan.Iespy
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
Ewido 4.0 10.14.2006 no virus found
Fortinet 2.82.0.0 10.14.2006 no virus found
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.13.2006 no virus found
Kaspersky 4.0.2.24 10.14.2006 Backdoor.Win32.Delf.aui
McAfee 4873 10.13.2006 potentially unwanted program Ptop
Microsoft 1.1603 10.14.2006 no virus found
NOD32v2 1.1803 10.13.2006 probably a variant of Win32/PornTool.Topor
Norman 5.80.02 10.13.2006 no virus found
Panda 9.0.0.4 10.14.2006 Suspicious file
Sophos 4.10.0 10.13.2006 no virus found
TheHacker 6.0.1.098 10.14.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.13.2006 suspected of Trojan-Clicker.Agent.35 (paranoid heuristics)
VirusBuster 4.3.7:9 10.14.2006 no virus found

Aditional Information
File size: 382097 bytes
MD5: 3555f9e2982391b0cce2aa56dbf4cd57
SHA1: 44e16a1bcf968a841887edd4b929a4b0aa5cc075

**HATTIFNATTOR** · 15.10.2006, 00:38

Complete scanning result of "taskmgr.exe"

Antivirus Version Update Result
AntiVir 7.2.0.30 10.14.2006 Worm/Sdbot.128512.9
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.13.2006 no virus found
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.14.2006 DeepScan:Generic.Sdbot.42E1A01F
CAT-QuickHeal 8.00 10.14.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.14.2006 no virus found
DrWeb 4.33 10.14.2006 no virus found
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
Ewido 4.0 10.14.2006 no virus found
Fortinet 2.82.0.0 10.14.2006 suspicious
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.13.2006 no virus found
Kaspersky 4.0.2.24 10.14.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.14.2006 no virus found
NOD32v2 1.1803 10.13.2006 no virus found
Norman 5.90.23 10.13.2006 no virus found
Panda 9.0.0.4 10.14.2006 Trj/Ranky.QG
Sophos 4.10.0 10.13.2006 Mal/Packer
TheHacker 6.0.1.098 10.14.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.13.2006 no virus found
VirusBuster 4.3.7:9 10.14.2006 no virus found

Aditional Information
File size: 128512 bytes
MD5: 22271f50235f90fba02487301bad7076
SHA1: b1bea761eedf3c284fe2defde93759313bc22eea
packers: Enigma

**Alexey P.** · 15.10.2006, 18:51

Complete scanning result of "unlock.exe", received in VirusTotal at 10.15.2006,
16:44:22 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.14.2006 TR/PSW.PdPinch.I
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.13.2006 Win32:Ldpinch-BD
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.15.2006 Generic.PWStealer.D1E7A557
CAT-QuickHeal 8.00 10.14.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.15.2006 Trojan.LdPinch-133
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
DrWeb 4.33 10.15.2006 BACKDOOR.PWS.Trojan
Ewido 4.0 10.15.2006 no virus found
Fortinet 2.82.0.0 10.15.2006 suspicious
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.13.2006 no virus found
Kaspersky 4.0.2.24 10.15.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.15.2006 no virus found
NOD32v2 1.1804 10.15.2006 a variant of Win32/PSW.LdPinch
Norman 5.80.02 10.13.2006 no virus found
Panda 9.0.0.4 10.15.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.098 10.14.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.15.2006 suspected of Trojan-PSW.PdPinch.1
VirusBuster 4.3.7:9 10.14.2006 no virus found

Aditional Information
File size: 27648 bytes
MD5: 8e6eebef6aec45dfe76abfc9cccd0df9
SHA1: 4f2f4d37d169491b5693c3a681a26804baea383f

**Sanja** · 15.10.2006, 19:10

По аське прибежало

STATUS: FINISHEDComplete scanning result of "goodday_movi.exe", received in VirusTotal at 10.15.2006, 17:05:55 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.14.2006 HEUR/Crypted
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.13.2006 no virus found
AVG 386 10.14.2006 I-Worm/Stration.QQ
BitDefender 7.2 10.15.2006 DeepScan:Generic.Stration.3E95FA5D
CAT-QuickHeal 8.00 10.14.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.15.2006 Win32.HLLM.Limar
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3131 10.13.2006 no virus found
Ewido 4.0 10.15.2006 Worm.Warezov
Fortinet 2.82.0.0 10.15.2006 W32/Warezov@mm
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.13.2006 Packer.byDwing
Kaspersky 4.0.2.24 10.15.2006 Email-Worm.Win32.Warezov.gen
McAfee 4873 10.13.2006 New Malware.n
Microsoft 1.1603 10.15.2006 no virus found
NOD32v2 1.1804 10.15.2006 a variant of Win32/Stration
Norman 5.80.02 10.13.2006 no virus found
Panda 9.0.0.4 10.15.2006 Suspicious file
Sophos 4.10.0 10.15.2006 Mal/Packer
TheHacker 6.0.1.098 10.14.2006 no virus found
UNA 1.83 10.13.2006 I-Worm.Warezov
VBA32 3.11.1 10.15.2006 no virus found
VirusBuster 4.3.7:9 10.14.2006 no virus found

Aditional Information
File size: 52974 bytes
MD5: 6269ef28a4ead7eb684a98341b6eb2ad
SHA1: 89ac4f786e5e1c75390d044a902e488b8316bd27
packers: UPACK

**Синауридзе Александр** · 17.10.2006, 23:17

Complete scanning result of "Janna_Friski.exe", received in VirusTotal at 10.17.2006, 21:01:14 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.17.2006 TR/Spy.Agent.ACU
Authentium 4.93.8 10.16.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.892.0 10.17.2006 no virus found
AVG 386 10.17.2006 no virus found
BitDefender 7.2 10.17.2006 DeepScan:Generic.Malware.FYd!lg.A3AD7032
CAT-QuickHeal 8.00 10.17.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.17.2006 no virus found
eTrust-InoculateIT 23.73.24 10.17.2006 no virus found
eTrust-Vet 30.3.3139 10.17.2006 no virus found
DrWeb 4.33 10.17.2006 no virus found
Ewido 4.0 10.17.2006 no virus found
Fortinet 2.82.0.0 10.17.2006 no virus found
F-Prot 3.16f 10.16.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 10.17.2006 W32/HLLI-MewOrleans-based!Maximus
Ikarus 0.2.65.0 10.17.2006 Backdoor.Win32.Ciadoor.N
Kaspersky 4.0.2.24 10.17.2006 Trojan-PSW.Win32.LdPinch.azw
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.17.2006 Win32/Ldpinch
NOD32v2 1.1808 10.17.2006 no virus found
Norman 5.80.02 10.17.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 10.17.2006 Suspicious file
Sophos 4.10.0 10.15.2006 Mal/Packer
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 suspected of Malware.Agent.26 (paranoid heuristics)
VirusBuster 4.3.7:9 10.17.2006 no virus found

Aditional Information
File size: 24384 bytes
MD5: 72d3fdba15a1c26b04d9c15e8a3afefe
SHA1: 0cb5e3f52e371342a0896fa8d71c99dd258fc6b1
Packers: MEW

**Alex_Goodwin** · 18.10.2006, 17:24

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 TR/Drop.Joiner.CI.2
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 Dropper.Generic.HCG
BitDefender 7.2 10.18.2006 no virus found
CAT-QuickHeal 8.00 10.18.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 no virus found
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 W32/Joiner.CI!tr
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 no virus found
Kaspersky 4.0.2.24 10.18.2006 Trojan-Dropper.Win32.Joiner.ci
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 Win32/TrojanDropper.Joiner.NAA
Norman 5.80.02 10.18.2006 no virus found
Panda 9.0.0.4 10.17.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 suspected of Trojan-Dropper.Delf.71 (paranoid heuristics)
VirusBuster 4.3.7:9 10.18.2006 no virus found

Aditional Information
File size: 285696 bytes
MD5: be22132834ad2863c151830c3908bd06
SHA1: 76c62d6b7b331721928b53e727aea835b50f03fd
packers: UPX
packers: UPX
packers: UPX

**Alex_Goodwin** · 18.10.2006, 17:38

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 Worm/Warezov.CV.2.A
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 Win32:Warezov-LM
AVG 386 10.18.2006 I-Worm/Stration.QQ
BitDefender 7.2 10.18.2006 DeepScan:Generic.Stration.3E95FA5D
CAT-QuickHeal 8.00 10.18.2006 I-Worm.Warezov.gen
ClamAV devel-20060426 10.18.2006 Worm.Stration.IK
DrWeb 4.33 10.18.2006 Win32.HLLM.Limar
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 Worm.Warezov
Fortinet 2.82.0.0 10.18.2006 W32/Warezov@mm
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 Packer.byDwing
Kaspersky 4.0.2.24 10.18.2006 Email-Worm.Win32.Warezov.gen
McAfee 4875 10.17.2006 New Malware.n
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 Win32/Stration.HK
Norman 5.90.23 10.18.2006 no virus found
Panda 9.0.0.4 10.18.2006 W32/Spamta.GZ.worm
TheHacker 6.0.1.100 10.18.2006 W32/Warezov.gen
UNA 1.83 10.17.2006 I-Worm.Warezov
VBA32 3.11.1 10.17.2006 Email-Worm.Win32.Warezov.gen
VirusBuster 4.3.7:9 10.18.2006 no virus found

Aditional Information
File size: 52974 bytes
MD5: 6269ef28a4ead7eb684a98341b6eb2ad
SHA1: 89ac4f786e5e1c75390d044a902e488b8316bd27

**Alex_Goodwin** · 18.10.2006, 17:44

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 10.18.2006, 15:39:16 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 EXP/HTML.VML.Gen
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.18.2006 no virus found
CAT-QuickHeal 8.00 10.18.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 Exploit.VMLFill
eTrust-InoculateIT 23.73.25 10.18.2006 HTML/Veemyfull!Exploit!Trojan
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 HTML/MS06.XMLNS!exploit
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 Exploit.HTML.VML.e
Kaspersky 4.0.2.24 10.18.2006 Exploit.HTML.VML.h
McAfee 4875 10.17.2006 JS/Exploit-BO.gen
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 probably a variant of HTML/Exploit.VMLFill
Norman 5.80.02 10.18.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 Exploit/IE
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 Exploit.JS.CVE-2006-1359.l#1
VirusBuster 4.3.7:9 10.18.2006 Exploit.VML.A

Aditional Information
File size: 86119 bytes
MD5: 3d24c99901591fcdc5e2a84ee3e0d79d
SHA1: d9e8633c2b5af386843fca8b57605bb78219533a

**Alex_Goodwin** · 18.10.2006, 17:51

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 10.18.2006, 15:45:34 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 BDS/Probat.B.77.A
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 Win32

rorat-BC
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.18.2006 no virus found
CAT-QuickHeal 8.00 10.18.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 BackDoor.ProRat.23
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 Backdoor.Prorat.19.al
Fortinet 2.82.0.0 10.18.2006 no virus found
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 Backdoor.Win32.Prorat.19
Kaspersky 4.0.2.24 10.18.2006 Backdoor.Win32.Prorat.fm
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 no virus found
Norman 5.80.02 10.18.2006 no virus found
Panda 9.0.0.4 10.18.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 W32/Mumu.B
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 suspected of Backdoor.Prorat.2
VirusBuster 4.3.7:9 10.18.2006 no virus found

Aditional Information
File size: 208896 bytes
MD5: 77b667770fe30ea3b6137edf4e45811a
SHA1: 7b542c5eca3f04dccaffa46b7bf2aec4ba737292

**Alex_Goodwin** · 18.10.2006, 17:56

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 10.18.2006, 15:51:42 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 HEUR/Malware
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.18.2006 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 8.00 10.18.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 DLOADER.Trojan
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 no virus found
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 no virus found
Kaspersky 4.0.2.24 10.18.2006 no virus found
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1809 10.18.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 10.18.2006 no virus found
Panda 9.0.0.4 10.18.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 no virus found
VirusBuster 4.3.7:9 10.18.2006 no virus found

Aditional Information
File size: 11776 bytes
MD5: e5470997d94db88d7e7f44277cfbf4ad
SHA1: 044a58df6e129cbc8d3a41c4d5ba44b2084209fe
packers: UPX
packers: UPX
packers: UPX

STATUS: FINISHEDComplete scanning result of "qwerty.exe", received in VirusTotal at 10.23.2006, 07:29:27 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.32 10.21.2006 HEUR/Malware
Authentium 4.93.8 10.23.2006 no virus found
Avast 4.7.892.0 10.22.2006 no virus found
AVG 386 10.20.2006 no virus found
BitDefender 7.2 10.23.2006 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.23.2006 no virus found
DrWeb 4.33 10.22.2006 BackDoor.Pixbot
eTrust-InoculateIT 23.73.33 10.23.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
Ewido 4.0 10.22.2006 no virus found
Fortinet 2.82.0.0 10.23.2006 W32/Agent.AIH!tr.bdr
F-Prot 3.16f 10.23.2006 no virus found
F-Prot4 4.2.1.29 10.23.2006 no virus found
Ikarus 0.2.65.0 10.22.2006 no virus found
Kaspersky 4.0.2.24 10.23.2006 Backdoor.Win32.Agent.aih
McAfee 4878 10.20.2006 no virus found
Microsoft 1.1603 10.23.2006 no virus found
NOD32v2 1.1825 10.22.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 10.20.2006 no virus found
Panda 9.0.0.4 10.22.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.103 10.23.2006 no virus found
UNA 1.83 10.22.2006 no virus found
VBA32 3.11.1 10.23.2006 Backdoor.Win32.Agent.aih
VirusBuster 4.3.7:9 10.23.2006 no virus found

Aditional Information
File size: 11776 bytes
MD5: e5470997d94db88d7e7f44277cfbf4ad
SHA1: 044a58df6e129cbc8d3a41c4d5ba44b2084209fe
packers: UPX
packers: UPX
packers: UPX

**Winsent** · 19.10.2006, 09:58

porno.scr
Status: POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)
MD5 5f4fd123aeecf204150877bec2931825
Packers detected: -
Scanner results

AntiVir Found Heuristic/Crypted (probable variant)
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
VirusBuster Found nothing
VBA32 Found nothing

Вирустотал ожил:

STATUS: FINISHEDComplete scanning result of "porno.scr", received in VirusTotal at 10.19.2006, 08:28:07 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.30 10.19.2006 HEUR/Crypted
Authentium 4.93.8 10.19.2006 could be a corrupted executable file
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.19.2006 no virus found
CAT-QuickHeal 8.00 10.19.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.19.2006 no virus found
DrWeb 4.33 10.19.2006 no virus found
eTrust-InoculateIT 23.73.28 10.19.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.19.2006 suspicious
F-Prot 3.16f 10.19.2006 no virus found
F-Prot4 4.2.1.29 10.19.2006 no virus found
Ikarus 0.2.65.0 10.19.2006 no virus found
Kaspersky 4.0.2.24 10.19.2006 no virus found
McAfee 4876 10.18.2006 no virus found
Microsoft 1.1603 10.19.2006 no virus found
NOD32v2 1.1811 10.19.2006 no virus found
Norman 5.80.02 10.18.2006 no virus found
Panda 9.0.0.4 10.18.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.18.2006 no virus found
VBA32 3.11.1 10.18.2006 no virus found
VirusBuster 4.3.7:9 10.19.2006 no virus found

Aditional Information
File size: 44662 bytes
MD5: 5f4fd123aeecf204150877bec2931825
SHA1: 77147af1ce55090c828acdab45bafc1680afa145

**Winsent** · 19.10.2006, 11:21

Complete scanning result of "filip_kirkorov_ebal_natalyu_podol", received in VirusTotal at 10.19.2006, 09:15:16 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.30 10.19.2006 HEUR/Crypted
Authentium 4.93.8 10.19.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.892.0 10.18.2006 no virus found
AVG 386 10.18.2006 no virus found
BitDefender 7.2 10.19.2006 DeepScan:Generic.Malware.FYd!lg.C0FC6504
CAT-QuickHeal 8.00 10.19.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.19.2006 no virus found
DrWeb 4.33 10.19.2006 no virus found
eTrust-InoculateIT 23.73.28 10.19.2006 no virus found
eTrust-Vet 30.3.3143 10.19.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.19.2006 no virus found
F-Prot 3.16f 10.19.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 10.19.2006 W32/HLLI-MewOrleans-based!Maximus
Ikarus 0.2.65.0 10.19.2006 Backdoor.Win32.Ciadoor.N
Kaspersky 4.0.2.24 10.19.2006 no virus found
McAfee 4876 10.18.2006 no virus found
Microsoft 1.1603 10.19.2006 Win32/Ldpinch
NOD32v2 1.1812 10.19.2006 no virus found
Norman 5.90.23 10.18.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 10.18.2006 Suspicious file
Sophos 4.10.0 10.15.2006 Mal/Packer
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.18.2006 no virus found
VBA32 3.11.1 10.19.2006 suspected of Malware.Agent.26 (paranoid heuristics)
VirusBuster 4.3.7:9 10.19.2006 no virus found

**Winsent** · 20.10.2006, 08:33

Complete scanning result of "Update-KB9515-x86.exe", received in VirusTotal at 10.20.2006, 06:28:32 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.31 10.20.2006 TR/Dldr.Stration.C.2
Authentium 4.93.8 10.20.2006 W32/Warezov.DM
Avast 4.7.892.0 10.19.2006 no virus found
AVG 386 10.19.2006 no virus found
BitDefender 7.2 10.20.2006 no virus found
CAT-QuickHeal 8.00 10.19.2006 no virus found
ClamAV devel-20060426 10.20.2006 Worm.Stration.JE
DrWeb 4.33 10.19.2006 no virus found
eTrust-InoculateIT 23.73.30 10.20.2006 no virus found
eTrust-Vet 30.3.3143 10.19.2006 no virus found
Ewido 4.0 10.19.2006 no virus found
Fortinet 2.82.0.0 10.20.2006 no virus found
F-Prot 3.16f 10.20.2006 W32/Warezov.DM
F-Prot4 4.2.1.29 10.19.2006 Possibly a new unknown PE_Virus!Maximus
Ikarus 0.2.65.0 10.19.2006 no virus found
Kaspersky 4.0.2.24 10.20.2006 no virus found
McAfee 4877 10.19.2006 no virus found
Microsoft 1.1603 10.19.2006 no virus found
NOD32v2 1.1817 10.19.2006 probably unknown NewHeur_PE virus
Norman 5.90.23 10.19.2006 no virus found
Panda 9.0.0.4 10.19.2006 no virus found
TheHacker 6.0.1.101 10.19.2006 Posible_Worm32
UNA 1.83 10.19.2006 no virus found
VBA32 3.11.1 10.19.2006 no virus found
VirusBuster 4.3.7:9 10.19.2006 no virus found

**Winsent** · 20.10.2006, 17:51

Complete scanning result of "Agytin.scr", received in VirusTotal at 10.20.2006, 15:39:36 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.31 10.20.2006 HEUR/Crypted
Authentium 4.93.8 10.20.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.892.0 10.20.2006 no virus found
AVG 386 10.20.2006 no virus found
BitDefender 7.2 10.20.2006 DeepScan:Generic.Dialer.5DAB36F2
CAT-QuickHeal 8.00 10.20.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.20.2006 no virus found
DrWeb 4.33 10.20.2006 no virus found
eTrust-InoculateIT 23.73.30 10.20.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
Ewido 4.0 10.19.2006 no virus found
Fortinet 2.82.0.0 10.20.2006 no virus found
F-Prot 3.16f 10.20.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 10.19.2006 W32/HLLI-MewOrleans-based!Maximus
Ikarus 0.2.65.0 10.20.2006 no virus found
Kaspersky 4.0.2.24 10.20.2006 no virus found
McAfee 4877 10.19.2006 no virus found
Microsoft 1.1603 10.20.2006 Win32/Ldpinch
NOD32v2 1.1819 10.20.2006 no virus found
Norman 5.90.23 10.20.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 10.19.2006 no virus found
Sophos 4.10.0 10.15.2006 Mal/Packer
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.20.2006 no virus found
VBA32 3.11.1 10.19.2006 suspected of Malware.Agent.26 (paranoid heuristics)
VirusBuster 4.3.7:9 10.20.2006 no virus found

Aditional Information
File size: 53890 bytes
MD5: ecec55ce1dd960924dd8c01b636f1bcc
SHA1: 797811bbda799d00cecdc7f36fc4e51edf0f6e6e
packers: MEW

**HATTIFNATTOR** · 21.10.2006, 17:20

Complete scanning result of "vccodec.5891.exe", received in VirusTotal at 10.21.2006, 15:14:07 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.32 10.21.2006 DR/Zlob.Gen
Authentium 4.93.8 10.21.2006 no virus found
Avast 4.7.892.0 10.20.2006 no virus found
AVG 386 10.20.2006 no virus found
BitDefender 7.2 10.21.2006 no virus found
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.21.2006 no virus found
eTrust-InoculateIT 23.73.32 10.21.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
DrWeb 4.33 10.21.2006 no virus found
Ewido 4.0 10.20.2006 no virus found
Fortinet 2.82.0.0 10.21.2006 suspicious
F-Prot 3.16f 10.21.2006 no virus found
F-Prot4 4.2.1.29 10.21.2006 no virus found
Ikarus 0.2.65.0 10.21.2006 no virus found
Kaspersky 4.0.2.24 10.21.2006 no virus found
McAfee 4878 10.20.2006 no virus found
Microsoft 1.1603 10.21.2006 no virus found
NOD32v2 1.1821 10.21.2006 no virus found
Norman 5.80.02 10.20.2006 no virus found
Panda 9.0.0.4 10.21.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.102 10.20.2006 no virus found
UNA 1.83 10.21.2006 no virus found
VBA32 3.11.1 10.20.2006 no virus found
VirusBuster 4.3.7:9 10.20.2006 no virus found

Aditional Information
File size: 49983 bytes
MD5: 9093d690bf2f9e51fe1b36ee8e2678fa
SHA1: 63b00190c8e9cdeda16904f3fc643c11010866ec
packers: UPX

**Alex_Goodwin** · 23.10.2006, 09:48

STATUS: FINISHEDComplete scanning result of "index.php", received in VirusTotal at 10.23.2006, 07:42:13 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.32 10.21.2006 no virus found
Authentium 4.93.8 10.23.2006 no virus found
Avast 4.7.892.0 10.22.2006 no virus found
AVG 386 10.20.2006 no virus found
BitDefender 7.2 10.23.2006 no virus found
CAT-QuickHeal 8.00 10.20.2006 no virus found
ClamAV devel-20060426 10.23.2006 no virus found
DrWeb 4.33 10.22.2006 BackDoor.Pixbot
eTrust-InoculateIT 23.73.33 10.23.2006 no virus found
eTrust-Vet 30.3.3146 10.20.2006 no virus found
Ewido 4.0 10.22.2006 no virus found
Fortinet 2.82.0.0 10.23.2006 no virus found
F-Prot 3.16f 10.23.2006 no virus found
F-Prot4 4.2.1.29 10.23.2006 no virus found
Ikarus 0.2.65.0 10.22.2006 no virus found
Kaspersky 4.0.2.24 10.23.2006 Backdoor.Win32.Agent.aih
McAfee 4878 10.20.2006 no virus found
Microsoft 1.1603 10.23.2006 no virus found
NOD32v2 1.1825 10.22.2006 no virus found
Norman 5.80.02 10.20.2006 no virus found
Panda 9.0.0.4 10.22.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.103 10.23.2006 no virus found
UNA 1.83 10.22.2006 no virus found
VBA32 3.11.1 10.23.2006 no virus found
VirusBuster 4.3.7:9 10.23.2006 no virus found

Aditional Information
File size: 6015 bytes
MD5: ba25d3b6cd60d67945da38c673000809
SHA1: 0ed161e7edc49f17969d73ca9e908aa03cb4a6e9

**Winsent** · 24.10.2006, 19:36

Complete scanning result of "shock.scr", received in VirusTotal at 10.24.2006, 17:32:48 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.32 10.24.2006 HEUR/Crypted
Authentium 4.93.8 10.24.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.892.0 10.24.2006 no virus found
AVG 386 10.23.2006 no virus found
BitDefender 7.2 10.24.2006 no virus found
CAT-QuickHeal 8.00 10.23.2006 W32.Brontok.Q
ClamAV devel-20060426 10.24.2006 no virus found
DrWeb 4.33 10.24.2006 Trojan.PWS.LDPinch.1257
eTrust-InoculateIT 23.73.34 10.23.2006 no virus found
eTrust-Vet 30.3.3154 10.24.2006 no virus found
Ewido 4.0 10.24.2006 no virus found
Fortinet 2.82.0.0 10.24.2006 no virus found
F-Prot 3.16f 10.24.2006 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 10.24.2006 W32/HLLI-MewOrleans-based!Maximus
Ikarus 0.2.65.0 10.24.2006 no virus found
Kaspersky 4.0.2.24 10.24.2006 no virus found
McAfee 4879 10.23.2006 no virus found
Microsoft 1.1609 10.24.2006 Win32/Ldpinch
NOD32v2 1.1830 10.24.2006 probably a variant of Win32/PSW.LdPinch.NCC
Norman 5.80.02 10.24.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 10.24.2006 Suspicious file
Sophos 4.10.0 10.24.2006 Mal/Packer
TheHacker 6.0.1.104 10.23.2006 no virus found
UNA 1.83 10.24.2006 no virus found
VBA32 3.11.1 10.24.2006 suspected of Malware.Agent.26 (paranoid heuristics)
VirusBuster 4.3.7:9 10.24.2006 no virus found

Aditional Information
File size: 47815 bytes
MD5: 30cd8a4c3fdd395b7137d54095c670dc
SHA1: 54f847a1af1b276f1bb5b1f539cfe043df79de8c
packers: MEW
packers: MEW

**ISO** · 26.10.2006, 20:29

Закачал данный файл через блютус на сотовый телефон:
Complete scanning result of "CARIBE.SIS", received in VirusTotal at 10.26.2006, 18:21:17 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.32 10.26.2006 no virus found
Authentium 4.93.8 10.26.2006 no virus found
Avast 4.7.892.0 10.26.2006 no virus found
AVG 386 10.26.2006 no virus found
BitDefender 7.2 10.26.2006 no virus found
CAT-QuickHeal 8.00 10.26.2006 no virus found
ClamAV devel-20060426 10.26.2006 no virus found
DrWeb 4.33 10.26.2006 no virus found
eTrust-InoculateIT 23.73.37 10.26.2006 no virus found
eTrust-Vet 30.3.3158 10.26.2006 no virus found
Ewido 4.0 10.26.2006 no virus found
Fortinet 2.82.0.0 10.26.2006 no virus found
F-Prot 3.16f 10.26.2006 no virus found
F-Prot4 4.2.1.29 10.26.2006 no virus found
Ikarus 0.2.65.0 10.26.2006 no virus found
Kaspersky 4.0.2.24 10.26.2006 Worm.SymbOS.Cabir.k
McAfee 4882 10.26.2006 SymbOS/Cabir.gen!sis
Microsoft 1.1609 10.25.2006 no virus found
NOD32v2 1.1836 10.26.2006 archive damaged - the file could not be extracted.
Norman 5.80.02 10.26.2006 no virus found
Panda 9.0.0.4 10.26.2006 no virus found
Sophos 4.10.0 10.26.2006 no virus found
TheHacker 6.0.1.105 10.25.2006 no virus found
UNA 1.83 10.25.2006 no virus found
VBA32 3.11.1 10.26.2006 no virus found
VirusBuster 4.3.15:9 10.26.2006 no virus found

Aditional Information
File size: 572 bytes
MD5: 1fe063e1749984a7ed040e2da70e939f
SHA1: 5f3be96a3c408a7a1102edf04103a08583410db9

При проверке оказалось - битый.
Полный детектится примерно так:

Код:

Complete scanning result of "Caribe.A.zip", received in VirusTotal at 11.04.2006,
19:33:13 (CET).

Antivirus       Version         Update          Result 
AntiVir         7.2.0.37        11.03.2006      Worm/Symbi.Cabir.A 
Authentium      4.93.8          11.04.2006      Epoc/Cabir.A 
Avast           4.7.892.0       11.03.2006      SymbOS:Cabir 
AVG             386             11.04.2006      SymbOS/Cabir.A 
BitDefender     7.2             11.04.2006      SymbOS.Worm.Cabir.A 
CAT-QuickHeal   8.00            11.04.2006      no virus found 
ClamAV          devel-20060426  11.04.2006      SymbOS.Worm.Cabir.A-3   
DrWeb           4.33            11.04.2006      Symbian.Cabir 
eTrust-InoculateIT 23.73.45     11.03.2006      EPOC/Cabir.A!Worm 
eTrust-Vet      30.3.3176       11.03.2006      SymbOS/Cabir.A 
Ewido           4.0             11.04.2006      Worm.Cabir.a 
Fortinet        2.82.0.0        11.04.2006      SymbOS/Cabir.B!worm 
F-Prot          3.16f           11.04.2006      Epoc/Cabir.A 
F-Prot4         4.2.1.29        11.04.2006      EPOC/Cabir 
Ikarus          0.2.65.0        11.03.2006      Worm.SymbOS.Cabir.A 
Kaspersky       4.0.2.24        11.04.2006      Worm.SymbOS.Cabir.a 
McAfee          4888            11.03.2006      SymbOS/Cabir.a 
Microsoft       1.1609          11.04.2006      SymbOS/Cabir.A 
NOD32v2         1.1853          11.03.2006      SymbOS/Cabir.A 
Norman          5.80.02         11.03.2006      no virus found 
Panda           9.0.0.4         11.04.2006      SymbOS/Cabir.B.worm 
Sophos          4.10.0          10.26.2006      Symb/Mabir-A 
TheHacker       6.0.1.112       11.03.2006      no virus found 
UNA             1.83            11.03.2006      Worm.SymbOS.Cabir.a.2D1F 
VBA32           3.11.1          11.04.2006      Worm.SymbOS.Cabir.a#1 
VirusBuster     4.3.15:9        11.04.2006      no virus found 

Aditional Information 
File size: 7190 bytes 
MD5: 0879c600ee3ca9834154b5262a98cf17 
SHA1: 526fa3708b70a459c2b99a9cd1bc3c644450281c

Исследование антивирусов 4

Опции темы

Похожие темы

Исследование антивирусов 7

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 3

Исследование антивирусов 2

Ваши права в разделе