Исследование антивирусов 4

**DoSTR** · 22.11.2006, 07:55

Complete scanning result of "kart.exe", received in VirusTotal at 11.22.2006, 05:44:37 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.44 11.21.2006 Worm/W32.Sircam.C
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.20.2006 Win32:Sircam-B
AVG 386 11.20.2006 I-Worm/Sircam
BitDefender 7.2 11.22.2006 I-Worm.Sircam.A
CAT-QuickHeal 8.00 11.21.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.21.2006 no virus found
DrWeb 4.33 11.21.2006 BACKDOOR.Trojan - Ok
eSafe 7.0.14.0 11.20.2006 Win32.Polipos.sus
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 Worm.Sircam.c
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 W32/SirCam@MM
Microsoft 1.1804 11.22.2006 Win32/Sircam.C@mm
NOD32v2 1876 11.21.2006 Win32/Sircam.F
Norman 5.80.02 11.21.2006 W32/Suspicious_U.gen
Panda 9.0.0.4 11.21.2006 Suspicious file
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 W32/Sircam-A
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 Win32.HLLW.SirCam
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 79504 bytes
MD5: 243c7d016e5edad97315f72227568128
SHA1: 9c3ea1cc74d5f985300a95f8bc85da6e4e888fe0
packers: Upack
packers: UPACK
packers: UPack

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**DoSTR** · 22.11.2006, 08:10

Complete scanning result of "rolik.exe", received in VirusTotal at 11.22.2006, 06:02:17 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.44 11.21.2006 HEUR/Crypted
Authentium 4.93.8 11.22.2006 could be a corrupted executable file
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.21.2006 Trojan.MulDrop.1161
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 a variant of Win32/TrojanDropper.Joiner.AJ
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Packer
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 Win32.CRYPT.virus
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 76811 bytes
MD5: b1815a454d64a251360c5a9abe8791ac
SHA1: 1c556fbbbc17f765055490519a196cf615304be8
packers: SVKP
packers: SVKProtector

**santy** · 22.11.2006, 08:37

Complete scanning result of "test1.zip", received in VirusTotal at 11.22.2006, 05:58:27 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.44 11.21.2006 no virus found
Authentium 4.93.8 11.22.2006 Possibly a new variant of W32/Tricky-Malware-based!Maximus
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 DeepScan:Generic.Stration.93DDD392
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.21.2006 no virus found
DrWeb 4.33 11.21.2006 no virus found
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 Win32/Stration!ZIP!Worm
eTrust-Vet 30.3.3205 11.21.2006 Win32/Stration!ZIP!generic
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 Possibly a new variant of W32/Tricky-Malware-based!Maximus
F-Prot4 4.2.1.29 11.22.2006 W32/Tricky-Malware-based!Maximus
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 W32/Stratio-Zip
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 Trojan.Opnis.Gen.28

Aditional Information
File size: 22668 bytes
MD5: 0dff5bce2cb22a8877f16cf1864b444b
SHA1: efc3b2474b3e99f6d1738209b98f49a01cd80fbf
packers: UPX

**DoSTR** · 22.11.2006, 10:55

Complete scanning result of "screensaver_ABC.exe", received in VirusTotal at 11.22.2006, 08:48:35 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.44 11.22.2006 HEUR/Crypted
Authentium 4.93.8 11.22.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast 4.7.892.0 11.20.2006 Win32

dpinch-AH
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 BACKDOOR.PWS.Trojan
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4 4.2.1.29 11.22.2006 W32/CrazyCrunch-based!Maximus
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 Suspicious file
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 14336 bytes
MD5: 90f100ef481774dca2be02004ee4967c
SHA1: 1f3d4f6340d62204c839d4fe5a0dc8352de26c8b
packers: ASPack
packers: ASPACK
packers: Aspack

**pig** · 22.11.2006, 11:23

Отсюда: http://virusinfo.info/showthread.php?t=6856

Complete scanning result of "helper.rar", received in VirusTotal at 11.22.2006, 09:19:25 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.20.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 BackDoor.Jiagate
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.21.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.21.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1876 11.21.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 Suspicious file
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.21.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 18967 bytes
MD5: 4cb0e7fdb7543bddbe22d53efacd3d45
SHA1: 1277b086dfd1038823a8d61395ecee46f2dd6f1e
packers: UPX
packers: UPX
packers: UPX

**Winsent** · 22.11.2006, 14:55

Complete scanning result of "QIP8000.rar", received in VirusTotal at 11.22.2006, 12:50:26 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.21.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.20.2006 no virus found
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 Trojan.ICQ.Delf.j
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found
Norman 5.80.02 11.21.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.22.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 271381 bytes
MD5: c9be422182029c65a9f4df9a83b0a925
SHA1: 77ab6a6a07d3d420444d46a32ddeea27ce69c104

PS: Странно прогнал на KAV определяется как: троянская программа Trojan-PSW.Win32.ICQ.Delf.j. Уже второй раз так на вирустотале не детектит, причем эту же разновидность троя

**DoSTR** · 22.11.2006, 17:55

Complete scanning result of "mygirl.exe", received in VirusTotal at 11.22.2006, 15:43:08 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.44 11.22.2006 TR/Drop.Agent.aaq.2
Authentium 4.93.8 11.22.2006 no virus found
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 DeepScan:Generic.PWStealer.A02FCE50
CAT-QuickHeal 8.00 11.22.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found
Norman 5.80.02 11.22.2006 Suspicious_F.gen
Panda 9.0.0.4 11.21.2006 Suspicious file
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Packer
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.22.2006 MalwareScope.Trojan-PSW.LdPinch.2
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 121717 bytes
MD5: 016f1fa3ee8ca1a7fc29a3ffe993e45f
SHA1: dcffd90b0a48d1c314a3ecf3fd7261ae7dadff97
packers: FSG
packers: FSG

**Dandy** · 22.11.2006, 19:29

Свежачок (пришел по IM)
Complete scanning result of "pics.pif", received in VirusTotal at 11.22.2006, 17:24:36 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 no virus found
Authentium 4.93.8 11.22.2006 could be a corrupted executable file
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 no virus found
CAT-QuickHeal 8.00 11.22.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.22.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 no virus found
F-Prot 3.16f 11.22.2006 no virus found
F-Prot4 4.2.1.29 11.22.2006 no virus found
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4901 11.21.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1877 11.22.2006 no virus found
Norman 5.80.02 11.22.2006 no virus found
Panda 9.0.0.4 11.21.2006 no virus found
Prevx1 V2 11.22.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.21.2006 no virus found
VBA32 3.11.1 11.22.2006 no virus found
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 25612 bytes
MD5: da62d0c1800aec4793fcf98f47440d2b
SHA1: 158ff737f2d1958b873e9927b58cfca963584f97

**Dandy** · 22.11.2006, 19:35

О, on-line Dr.Web-a уже определяет как: Win32.HLLM.Limar

**5ergi0** · 23.11.2006, 02:19

Complete scanning result of "7exssd32.o.exe", received in VirusTotal at 11.23.2006, 00:05:21 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.44 11.22.2006 TR/Medbod.B
Authentium 4.93.8 11.22.2006 W32/Downloader.gen8
Avast 4.7.892.0 11.22.2006 no virus found
AVG 386 11.20.2006 no virus found
BitDefender 7.2 11.22.2006 Trojan.Medbod.B
CAT-QuickHeal 8.00 11.22.2006 no virus found
ClamAV devel-20060426 11.22.2006 no virus found
DrWeb 4.33 11.22.2006 no virus found
eSafe 7.0.14.0 11.22.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.63 11.22.2006 no virus found
eTrust-Vet 30.3.3205 11.21.2006 no virus found
Ewido 4.0 11.22.2006 no virus found
Fortinet 2.82.0.0 11.22.2006 suspicious
F-Prot 3.16f 11.22.2006 W32/Downloader.gen8
F-Prot4 4.2.1.29 11.22.2006 W32/Downloader.gen8
Ikarus 0.2.65.0 11.22.2006 no virus found
Kaspersky 4.0.2.24 11.22.2006 no virus found
McAfee 4902 11.22.2006 no virus found
Microsoft 1.1804 11.22.2006 no virus found
NOD32v2 1878 11.22.2006 no virus found
Norman 5.80.02 11.22.2006 no virus found
Panda 9.0.0.4 11.22.2006 Suspicious file
Prevx1 V2 11.23.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Behav-080
TheHacker 6.0.3.122 11.21.2006 no virus found
UNA 1.83 11.22.2006 no virus found
VBA32 3.11.1 11.22.2006 MalwareScope.Trojan-Proxy.Horst.3
VirusBuster 4.3.15:9 11.22.2006 no virus found

Aditional Information
File size: 23552 bytes
MD5: 3e73d3ce4bfc9668dcfe9180c561f7f3
SHA1: 7185b9d35bbb8a04b2411caf85abbea9d89034c0
packers: UPX
packers: UPX
packers: UPX
packers: UPX

**Exxx** · 25.11.2006, 02:00

Complete scanning result of "load.exe", received in VirusTotal at 11.24.2006, 23:54:40 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
BitDefender 7.2 11.24.2006 DeepScan:Generic.Malware.SFMBdldg.751FED43
CAT-QuickHeal 8.00 11.24.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.24.2006 no virus found
DrWeb 4.33 11.24.2006 no virus found
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.66 11.23.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
Fortinet 2.82.0.0 11.24.2006 suspicious
F-Prot 3.16f 11.24.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus
F-Prot4 4.2.1.29 11.24.2006 generic
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.24.2006 Trojan-Dropper.Win32.Agent.ays
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.24.2006 no virus found
NOD32v2 1882 11.24.2006 probably a variant of Win32/Spy.Small.DP
Norman 5.80.02 11.24.2006 W32/Smalltroj.NWF.dropper
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 suspected of Backdoor.xBot.1 (paranoid heuristics)
VirusBuster 4.3.15:9 11.24.2006 no virus found

Aditional Information
File size: 26276 bytes
MD5: 1f38950478ae888a2cf472c8071ba75a
SHA1: 7d6ddb62702f7438a75d9b7b3c7e425744992a3f
packers: embedded

http://www.virusinfo.info/showthread...newpost&t=6901

**HATTIFNATTOR** · 25.11.2006, 02:27

Complete scanning result of "robik.rar", received in VirusTotal at 11.25.2006, 00:23:18 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.24.2006 TR/PSW.LdPinch.bde
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
BitDefender 7.2 11.24.2006 DeepScan:Generic.Dialer.ACD567A2
CAT-QuickHeal 8.00 11.24.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.24.2006 no virus found
DrWeb 4.33 11.24.2006 no virus found
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.66 11.23.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
Fortinet 2.82.0.0 11.24.2006 W32/LdPinch.BDE!tr.pws
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 generic
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.24.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.24.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster 4.3.15:9 11.24.2006 no virus found

Aditional Information
File size: 64426 bytes
MD5: a888d8c51f5c595533c918fc3290b909
SHA1: 217577bb73e56f93c4c229a4a8ec03eb1c549419

**Синауридзе Александр** · 25.11.2006, 14:07

Complete scanning result of "10032_mmdust.exe", received in VirusTotal at 11.25.2006, 12:00:19 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.24.2006 no virus found
BitDefender 7.2 11.25.2006 no virus found
CAT-QuickHeal 8.00 11.24.2006 no virus found
ClamAV devel-20060426 11.25.2006 Trojan.Mmust
DrWeb 4.33 11.25.2006 Win32.HLLP.MMDust
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.24.2006 no virus found
Fortinet 2.82.0.0 11.25.2006 no virus found
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.25.2006 Virus.Win32.Merin.a
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.24.2006 Suspicious file
Prevx1 V2 11.25.2006 Worm.Renama
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 no virus found
VirusBuster 4.3.15:9 11.24.2006 no virus found

Aditional Information
File size: 11776 bytes
MD5: ae898f7dabd29ec8aa4ef8924bbdb46f
SHA1: d207b440db1d1bf77c607867ff4d44f3dfae3d4c
packers: UPX
packers: UPX

Можно скачать с http://www.freeware.ru/program_prog_id_10032.html.

**DoSTR** · 25.11.2006, 18:19

Complete scanning result of "Latinas.exe", received in VirusTotal at 11.25.2006, 16:11:51 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.46 11.24.2006 DIAL/302366
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.25.2006 Potentially harmful program Dialer.DGK
BitDefender 7.2 11.25.2006 Dialer.Porn.Hcon.A
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 Dialer-715
DrWeb 4.33 11.25.2006 no virus found
eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.25.2006 Dialer.CapreDeam.r
Fortinet 2.82.0.0 11.25.2006 Dial/Dialer
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.25.2006 not-a-virus:Porn-Dialer.Win32.CapreDeam.r
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found
NOD32v2 1882 11.24.2006 probably a variant of Win32/Dialer.CDDial
Norman 5.80.02 11.24.2006 W32/Dialer.AYVN
Panda 9.0.0.4 11.25.2006 Dialer.IKV
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 Trojan/Dialer.CapreDeam.r
UNA 1.83 11.24.2006 Dialer.CapreDeam.9B67
VBA32 3.11.1 11.24.2006 Porn-Dialer.Win32.CapreDeam.r
VirusBuster 4.3.15:9 11.25.2006 no virus found

Aditional Information
File size: 96936 bytes
MD5: 0227f4f4aff0cec56e45f662812285fc
SHA1: 8df449e5cd2110e5db3d41a762ad1868a83a6351
packers: UPX
packers: UPX
packers: UPX

**DoSTR** · 25.11.2006, 18:29

Complete scanning result of "y.exe", received in VirusTotal at 11.25.2006, 16:24:05 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.46 11.24.2006 no virus found
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.25.2006 no virus found
BitDefender 7.2 11.25.2006 no virus found
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.25.2006 no virus found
eSafe 7.0.14.0 11.24.2006 no virus found
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.25.2006 no virus found
Fortinet 2.82.0.0 11.25.2006 no virus found
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.25.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.25.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.25.2006 Suspicious file
Prevx1 V2 11.25.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.24.2006 suspected of Trojan-PSW.LdPinch.8 (paranoid heuristics)
VirusBuster 4.3.15:9 11.25.2006 no virus found

Aditional Information
File size: 58368 bytes
MD5: 4ac5674a5dbe8d5463b29f49391408a3
SHA1: e113da8580000de81bc334a2fa62330144af4dd7

**DoSTR** · 26.11.2006, 12:27

файл Аффтар_жжот.exe
Complete scanning result of "___1040", received in VirusTotal at 11.26.2006, 10:18:30 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.46 11.25.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.892.0 11.23.2006 Win32:Ldpinch-GH
AVG 386 11.25.2006 no virus found
BitDefender 7.2 11.26.2006 DeepScan:Generic.Dialer.70C62169
CAT-QuickHeal 8.00 11.25.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.25.2006 Trojan.PWS.LDPinch.1314
eSafe 7.0.14.0 11.24.2006 no virus found
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.25.2006 no virus found
Fortinet 2.82.0.0 11.26.2006 suspicious
F-Prot 3.16f 11.24.2006 Possibly a new variant of W32/new-malware!Maximus
F-Prot4 4.2.1.29 11.24.2006 W32/new-malware!Maximus
Ikarus 0.2.65.0 11.24.2006 Backdoor.Win32.Ciadoor.13
Kaspersky 4.0.2.24 11.26.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.26.2006 Win32/Ldpinch
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.25.2006 Suspicious file
Prevx1 V2 11.26.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Packer
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.25.2006 MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster 4.3.15:9 11.25.2006 no virus found

Aditional Information
File size: 59357 bytes
MD5: 2b2a7a248e223792c3b685098eb00cc1
SHA1: 21757f85d69c2ba260d4d13b1a17b80fc3e33418
packers: FSG
packers: FSG

**HATTIFNATTOR** · 27.11.2006, 08:07

scanning result of "Update-KB2718-x86.zip", received in VirusTotal at 11.27.2006, 06:02:07 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 W32/Warezov.gen3!W32DL
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.27.2006 I-Worm/Stration
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.72D1AE53
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 Win32/Stration!ZIP!Worm
eTrust-Vet 30.3.3211 11.24.2006 Win32/Stration!ZIP!generic
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 W32/Stration.DS@mm
F-Prot 3.16f 11.24.2006 W32/Warezov.gen3!W32DL
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen3!W32DL
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.27.2006 Email-Worm.Win32.Warezov.ha
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 Suspicious file
Prevx1 V2 11.27.2006 no virus found
Sophos 4.11.0 11.16.2006 W32/Stratio-Zip
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found

Aditional Information
File size: 18989 bytes
MD5: 1be8e6c16ee5145a540b877958d4dd6b
SHA1: 5ce971c17ba4064aca5b84bc571878ffc61a7a76
packers: UPX
packers: UPX
packers: UPX
packers: UPX

**kvit** · 27.11.2006, 08:28

Complete scanning result of "Update-KB9890-x86.exe", received in VirusTotal at 11.27.2006, 06:18:18 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 W32/Warezov.gen3!W32DL
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.27.2006 I-Worm/Stration
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.780D6248
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 W32/Stration.DS@mm
F-Prot 3.16f 11.24.2006 W32/Warezov.gen3!W32DL
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen3!W32DL
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.27.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 Suspicious file
Prevx1 V2 11.27.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found

Aditional Information
File size: 21028 bytes
MD5: c7adbfabd6b2ab7bb88d9103de731d52
SHA1: ea5fb290dcd89c9560c67b8c40ab7495d2599650
packers: UPX
packers: UPX
packers: UPX
packers: UPX

**Alex_Goodwin** · 27.11.2006, 13:52

STATUS: FINISHEDComplete scanning result of "__1056", received in VirusTotal at 11.27.2006, 11:45:20 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.46 11.27.2006 Worm/Stration.H
Authentium 4.93.8 11.24.2006 W32/Warezov.gen4
Avast 4.7.892.0 11.27.2006 no virus found
AVG 386 11.27.2006 no virus found
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.25B4D41B
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.27.2006 no virus found
DrWeb 4.33 11.27.2006 Win32.HLLM.Limar
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.68 11.27.2006 Win32/Stration.Variant!Worm
eTrust-Vet 30.3.3217 11.27.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 suspicious
F-Prot 3.16f 11.24.2006 W32/Warezov.gen4
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen4
Ikarus 0.2.65.0 11.27.2006 no virus found
Kaspersky 4.0.2.24 11.27.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1884 11.27.2006 probably unknown NewHeur_PE virus
Norman 5.80.02 11.27.2006 W32/Malware
Panda 9.0.0.4 11.26.2006 no virus found
Prevx1 V2 11.27.2006 Worm.Warezov.Gen
Sophos 4.11.0 11.16.2006 W32/Strati-Gen
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.15:9 11.27.2006 Trojan.Opnis.Gen.29

Aditional Information
File size: 63488 bytes
MD5: ea5d7c90ed6963ad01454ea3bd31a6d7
SHA1: 5f1ecc30f76f22e59f44c47cbc85b42dc16b306e
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* Creating several executable files on hard-drive.
* File length: 63488 bytes.

[ Changes to filesystem ]
* Creates file C:windowssystem32cfgmwmid.exe.
* Creates file C:WINDOWSSYSTEM32olecmsre.dll.
* Creates file C:WINDOWSSYSTEM32oaklrass.exe.
* Creates file C:WINDOWSSYSTEM32 tlamsht.dll.
* Creates file C:WINDOWSSYSTEM32e1.dll.

[ Changes to registry ]
* Creates value "cfgmwmid"="c:windowssystem32cfgmwmid.exe" in key "HKLMSoftwareMicrosoftWindowsCurrentVersionRun ".

[ Changes to system settings ]
* Creates WindowsHook monitoring cbt activity.

[ Process/window information ]
* Creates an event called ZAAllowEvent.
* Creates an event called SGAllowEvent.
* Creates an event called NISAllowEvent.
* Creates an event called OPAllowEvent.
* Creates an event called MAAllowEvent2.
* Attempts to access service "vsmon".
* Creates an event called ActiveZA.
* Attempts to access service "SmcService".
* Creates an event called ActiveSG.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "Symantec Core LC".
* Creates an event called ActiveNIS.
* Attempts to access service "OutpostFirewall".
* Creates an event called ActiveOP.
* Attempts to access service "MpfService".
* Creates an event called ActiveMA.
* Attempts to access service "WinRoute".
* Will automatically restart after boot (I'll be back...).
* Enumerates running processes.
* Modifies other process memory.
* Creates a remote thread.

**Winsent** · 28.11.2006, 03:14

Complete scanning result of "setup.exe", received in VirusTotal at 11.28.2006, 01:10:29 (CET).

Antivirus Version Update Result

AntiVir 7.2.0.46 11.27.2006 HEUR/Malware
Authentium 4.93.8 11.27.2006 no virus found
Avast 4.7.892.0 11.27.2006 no virus found
AVG 386 11.27.2006 Proxy.25.AO
BitDefender 7.2 11.28.2006 DeepScan:Generic.Horst.4D66057B
CAT-QuickHeal 8.00 11.27.2006 no virus found
ClamAV devel-20060426 11.27.2006 no virus found
DrWeb 4.33 11.27.2006 no virus found
eSafe 7.0.14.0 11.27.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.69 11.28.2006 no virus found
eTrust-Vet 30.3.3217 11.27.2006 no virus found
Ewido 4.0 11.27.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 no virus found
F-Prot 3.16f 11.27.2006 no virus found
F-Prot4 4.2.1.29 11.27.2006 no virus found
Ikarus 0.2.65.0 11.27.2006 no virus found
Kaspersky 4.0.2.24 11.28.2006 no virus found
McAfee 4905 11.27.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1886 11.27.2006 probably a variant of Win32/Medbot.DC
Norman 5.80.02 11.27.2006 W32/Malware
Panda 9.0.0.4 11.27.2006 Suspicious file
Prevx1 V2 11.28.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.27.2006 no virus found
VBA32 3.11.1 11.27.2006 no virus found
VirusBuster 4.3.15:9 11.27.2006 no virus found

Aditional Information
File size: 35840 bytes
MD5: 3b881fb47ef62340dfb4eab692722532
SHA1: 52a8ecae75e6c54dd3e2221aa4ba20d0e3d21fbe
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 35840 bytes.

[ Process/window information ]
* Modifies other process memory.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "kavsvc".
* Attempts to access service "SAVScan".
* Attempts to access service "Symantec Core LC".
* Attempts to access service "navapsvc".
* Attempts to access service "wuauserv".
* Attempts to access service "KAVPersonal50".
* Disables security related services.

Исследование антивирусов 4

Опции темы

Похожие темы

Исследование антивирусов 7

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 3

Исследование антивирусов 2

Ваши права в разделе