Исследование антивирусов 7

**Torvic99** · 08.05.2009, 13:32

Файл pdf.pdf получен 2009.05.08 10:57:00 (CET)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.08 Exploit.Pidief!IK
AhnLab-V3 5.0.0.2 2009.05.08 Win-Trojan/Exploit-PDF
AntiVir 7.9.0.160 2009.05.08 EXP/Pidief.JQ.1
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.07 -
Avast 4.8.1335.0 2009.05.07 JSdfka-EO
AVG 8.5.0.327 2009.05.07 -
BitDefender 7.2 2009.05.08 Exploit.PDF-JS.Gen
CAT-QuickHeal 10.00 2009.05.08 -
ClamAV 0.94.1 2009.05.08 -
Comodo 1156 2009.05.08 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.08 Exploit.PDF.2
eSafe 7.0.17.0 2009.05.07 -
eTrust-Vet 31.6.6495 2009.05.08 -
F-Prot 4.4.4.56 2009.05.07 -
F-Secure 8.0.14470.0 2009.05.08 Exploit.Win32.Pidief.ato
Fortinet 3.117.0.0 2009.05.08 -
GData 19 2009.05.08 Exploit.PDF-JS.Gen
Ikarus T3.1.1.49.0 2009.05.08 Exploit.Pidief
K7AntiVirus 7.10.728 2009.05.07 -
Kaspersky 7.0.0.125 2009.05.08 Exploit.Win32.Pidief.ato
McAfee 5608 2009.05.07 -
McAfee+Artemis 5608 2009.05.07 -
McAfee-GW-Edition 6.7.6 2009.05.08 Exploit.Pidief.JQ.1
Microsoft 1.4602 2009.05.08 -
NOD32 4061 2009.05.07 PDF/Exploit.Pidief.OLO
Norman 6.01.05 2009.05.07 -
nProtect 2009.1.8.0 2009.05.08 Exploit.PDF-JS.Gen.C03
Panda 10.0.0.14 2009.05.07 Exploit/Pidief
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.08 -
Rising 21.28.41.00 2009.05.08 -
Sophos 4.41.0 2009.05.08 Troj/PdfEx-AP
Sunbelt 3.2.1858.2 2009.05.08 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.05.08 Bloodhound.Exploit.213
TheHacker 6.3.4.1.321 2009.05.07 -
TrendMicro 8.950.0.1092 2009.05.08 TROJ_PDFEX.P
VBA32 3.12.10.4 2009.05.07 -
ViRobot 2009.5.8.1724 2009.05.08 -
VirusBuster 4.6.5.0 2009.05.07 -

Дополнительная информация
File size: 3545 bytes
MD5...: 97ee138c7dfcef3ded79cad5d8ab7a19
SHA1..: 53cd4251f4f2eb40fe64bae2d5dc5dd465b97c1a
SHA256: 8c793875755a5f1049f4ed771665904942af93edd5e539746d 98601d90ac3685
SHA512: 41bca5ebd70199ed725d0609b68bf38b481615266e16a046b6 ebed0df38680f2 b05b71b4104f2b93cef812b90c040e0e 2a6a628f901bdd1db45fe81d2effae6a
ssdeep: 48:C1CfEwyx0UJlNm5FZpbJ35AZ6tHqDPsmXmzfXYukplRBVXQ IrrpyLSB0xjhnC las:C1C8wbH9eZ6o2zTkLVXQIHo2BAhy oI 
PEiD..: -
TrID..: File type identification Adobe Portable Document Format (100.0%)
PEInfo: -
PDFiD.: PDF Header: %PDF-1.4 obj 15 endobj 15 stream 2 endstream 2 xref 1 trailer 1 startxref 1 /Page 1 /Encrypt 0 /ObjStm 0 /JS 1 /JavaScript 2 /AA 0 /OpenAction 0 /JBIG2Decode 0 
RDS...: NSRL Reference Data Set -

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**senyak** · 11.05.2009, 15:29

Файл tj.htm получен 2009.05.11 11:14:13 (CET)
Текущий статус: закончено
Результат: 4/40 (10%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 -
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 HTML/Infected.WebPage.Gen
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 Exploit.Iframe-1
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 -
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 -
Ikarus T3.1.1.49.0 2009.05.11 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 Heuristic.Script.Infected.WebPage
Microsoft 1.4602 2009.05.11 -
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 Mal_Hifrm
VBA32 3.12.10.4 2009.05.11 -
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 245 bytes
MD5...: b9fdde6b1e1ba6eb225a0e65d7b40215
SHA1..: 92c8a1835abc0c37c1b7d9f832836529e1f5345b
SHA256: 644fa5e148b0a9f51a6f42fdadbe6025dc3738c6579d872fd1 80f0948e090779
SHA512: fb36042c084f104f201279f1184699cdf76970e0c7bc4d401b a1a6087aa7c833
d1abb3734afe797d513d5a45268eb58a99cdad27a62ac4e80c 7e5e14e375ed16
ssdeep: 6:SW/CIQlQoRJM179Ur6pMI74+AUKIqnzRw74AsVAqnzRy:SWgQZJpM IXS1nzacD
nzA
PEiD..: -
TrID..: File type identification
file seems to be plain text/ASCII (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл klr-id.txt получен 2009.05.11 11:16:42 (CET)
Текущий статус: закончено
Результат: 14/40 (35%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 Trojan.PHPInfo.A!IK
AhnLab-V3 5.0.0.2 2009.05.11 PHP/HackTool
AntiVir 7.9.0.166 2009.05.11 SPR/PHP.ID
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 PHP:PHPInfo-A
AVG 8.5.0.327 2009.05.11 PHP/BackDoor.H
BitDefender 7.2 2009.05.11 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 PHP.Id-14
Comodo 1157 2009.05.08 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 Trojan.PHP.PHPInfo.g
Fortinet 3.117.0.0 2009.05.11 PHP/Zapchast.YR!tr
GData 19 2009.05.11 PHP:PHPInfo-A
Ikarus T3.1.1.49.0 2009.05.11 Trojan.PHPInfo.A
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Trojan.PHP.PHPInfo.g
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 Riskware.PHP.ID
Microsoft 1.4602 2009.05.11 -
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 Mal/PHPInfo-A
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 3.12.10.4 2009.05.11 -
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 1356 bytes
MD5...: 3a07e6a32c3ec7f811959c3c6207fb57
SHA1..: 6923355be4717ad01b3d2e181ae6076d05ab3d32
SHA256: cff9ddc62aff0eaa03d91c028995258f2df378329e67b06964 be0b8544421bdb
SHA512: 065449c094ed04208beeed61f60fa9708acafc7f2e24c63451 f0b6ceafc79cd4
8903043e8b92278becddadf5bf68342e83dc8a157757c4de86 da81996105ef33
ssdeep: 24:2sUftFfvsFh4/vZXOHvSpQvxVu6f2ik6Hev96itzmWN7A3BrSwu5d/dDMuOT:
2sgFnsFeZwSpQvxw6+56ixmc7A3BrLuM
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл 1.pdf получен 2009.05.11 11:18:47 (CET)
Текущий статус: закончено
Результат: 15/40 (37.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 -
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 HTML/Shellcode.Gen
Antiy-AVL 2.0.3.1 2009.05.11 Exploit/Win32.Pidief
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 JS:Pdfka-FS
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 Exploit.PDF-JS.Gen
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 Exploit.Win32.Pidief.atj
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 Exploit.PDF-JS.Gen
Ikarus T3.1.1.49.0 2009.05.11 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Exploit.Win32.Pidief.atj
McAfee 5611 2009.05.10 Exploit-PDF.n.gen
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 Script.Shellcode.Gen
Microsoft 1.4602 2009.05.11 TrojanDownloader:Win32/Small.gen!X
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 Trojan-Exploit/W32.Pidief.2913.AH
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 Mal/JSShell-B
Sunbelt 3.2.1858.2 2009.05.09 Exploit.AdobeReader.gen (v)
Symantec 1.4.4.12 2009.05.11 Bloodhound.Exploit.196
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 None 2009.05.11 -
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 JS.BOFExploit.Gen

Дополнительная информация
File size: 2913 bytes
MD5...: 8ec93dd5f15b4f2db875e391c98becd0
SHA1..: 15dc9947202cbf2937d5f390a4d60b510dee31e1
SHA256: 6878de79605b08a39a2d6f2bec2c81a0817e878cf1b46d284a 859e1c49466889
SHA512: 6998a745047f3190b750769a99261adfc6408d385280aa061f 2dde0cc6f48ed5
e343f6ba54a6ed454c8ab927a06f9842a73755662c073eb67d 4e8b6a33872b86
ssdeep: 48:PxWHhydEWXe4F/Gd5A+1T6PFLVsY0kn0+HAPPJ1GFvuHupPJHIg9M9/6cnGub
Z:Z+QdEs25RcFLVsYLwJ1TOLHNe9/6c5bZ
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -

Файл windoss.css получен 2009.05.11 11:19:04 (CET)
Текущий статус: закончено
Результат: 27/40 (67.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 Trojan.Win32.AntiAV!IK
AhnLab-V3 5.0.0.2 2009.05.11 Win-Trojan/Geral.37888
AntiVir 7.9.0.166 2009.05.11 TR/Killav.PN
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 Win32:Rootkit-gen
AVG 8.5.0.327 2009.05.11 Agent_r.NO
BitDefender 7.2 2009.05.11 Gen:Trojan.Heur.2015746F6F
CAT-QuickHeal 10.00 2009.05.09 Worm.AutoRun.afvk
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 Win32.TRKillav.Pn
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 Trojan-Downloader.Win32.Geral.kq
Fortinet 3.117.0.0 2009.05.11 W32/Mdrop.N!tr
GData 19 2009.05.11 Gen:Trojan.Heur.2015746F6F
Ikarus T3.1.1.49.0 2009.05.11 Trojan.Win32.AntiAV
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Trojan-Downloader.Win32.Geral.kq
McAfee 5611 2009.05.10 Generic Dropper.fi
McAfee+Artemis 5611 2009.05.10 Artemis!AACAF09A426D
McAfee-GW-Edition 6.7.6 2009.05.11 Trojan.Killav.PN
Microsoft 1.4602 2009.05.11 Trojan:Win32/Dogrobot.I
NOD32 4064 2009.05.11 probably a variant of Win32/AntiAV.AZQ
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 Trojan-Downloader/W32.Geral.40456
Panda 10.0.0.14 2009.05.10 Trj/CI.A
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 Trojan.DL.Win32.Mnless.dhl
Sophos 4.41.0 2009.05.11 Mal/Mdrop-N
Sunbelt 3.2.1858.2 2009.05.09 BehavesLike.Win32.Malware (v)
Symantec 1.4.4.12 2009.05.11 Trojan.KillAV
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 PAK_Generic.001
VBA32 3.12.10.4 2009.05.11 Trojan-Downloader.Win32.Geral.kq
ViRobot 2009.5.11.1728 2009.05.11 Trojan.Win32.Downloader.37888.BD
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 40456 bytes
MD5...: aacaf09a426ded3436f69575ef1c1c63
SHA1..: b4e9f63ecbdc369fcd198f162e87208ac35aa586
SHA256: 06fd36fe4e3479d3093225762c98f360989652f96b1d3ff551 55da2044ae4de8
SHA512: 87872b6ab4c4d7d0b6b9faee8234c9832347f09eb77ea749a1 0b2a4386e13b3a
bbd8e98cf57f181d9a46924b7422d9a172a6711e7c53499103 5aad6cd699198c
ssdeep: 768:s5IBDzRjGThvSP72rfN1UrPGuGo+A7GYLnQD/QkyYzUg9xtR+ys8p3gINHBs
0w0M:s2BDzSSPENWKnQ71QnPUg9TVlg0q
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information

Файл ci28.swf получен 2009.05.11 11:16:45 (CET)
Текущий статус: закончено
Результат: 13/40 (32.50%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 -
AhnLab-V3 5.0.0.2 2009.05.11 Win-Trojan/Exploit-SWF.Gen
AntiVir 7.9.0.166 2009.05.11 EXP/Flash.Gen
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 SWF/Downloader.F!Camelot
Avast 4.8.1335.0 2009.05.10 SWF:CVE-2007-0071
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 Exploit.SWF.Gen
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 -
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 Exploit.SWF.Gen
Ikarus T3.1.1.49.0 2009.05.11 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Exploit.SWF.Downloader.nj
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 Exploit.Flash.Gen
Microsoft 1.4602 2009.05.11 Exploit:Win32/APSB08-11.gen!A
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 Exploit.SWF.Gen
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 Hack.Exploit.Swf.a
Sophos 4.41.0 2009.05.11 Mal/SWFDlr-A
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 Bloodhound.Exploit.193
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 3.12.10.4 2009.05.11 -
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 1528 bytes
MD5...: 72a92a87da2bae3d8805a8915f8547d4
SHA1..: dc62f7f3002b9a7000a0f362f4b61717cd201c4b
SHA256: 5501e0a5ced50b5a9f36f6041e8896a7e8b2e241855cc079b5 7b4ae8a44212c4
SHA512: 069668a92912e2b8a585c64768c52de7432ac2d37ddbc23ddd 91745c3ed1f4f3
22715366d97ac280dbc9727eb3545f80a33d031761c8949ca1 5454a4ce7ab6d6
ssdeep: 24:hu1vLU3PL7JyRMxnPFUqc4QZt7N+UtWT/fgPHvTWgBBnJFhzOnfCSH/P/t9tm
Lah:l7I6Cqut7NxtWLfIL7lhzO6SnV9ELW
PEiD..: -
TrID..: File type identification
Macromedia Flash Player Compressed Movie (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): Swf2Swc

Файл install.exe получен 2009.05.11 11:26:35 (CET)
Текущий статус: закончено
Результат: 10/40 (25%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 -
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 -
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 Win32:FakeAlert-BD
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 Gen:Trojan.Heur.C1827D2859
CAT-QuickHeal 10.00 2009.05.09 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 Suspicious File
eTrust-Vet 31.6.6497 2009.05.08 Win32/FakeAlert!generic
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 -
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 Gen:Trojan.Heur.C1827D2859
Ikarus T3.1.1.49.0 2009.05.11 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 -
Microsoft 1.4602 2009.05.11 Trojan:Win32/Winwebsec
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 Medium Risk Malware
Rising 21.29.02.00 2009.05.11 Dropper.Win32.Mnless.GEN [Suspicious]
Sophos 4.41.0 2009.05.11 -
Sunbelt 3.2.1858.2 2009.05.09 Packer.Lighty.Gen (v)
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 None 2009.05.11 -
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

ополнительная информация
File size: 469817 bytes
MD5...: 91ea20c532d87000481492d80a2787b7
SHA1..: df9af4173acdf82d25b34625d1f2a7f494c2fc5b
SHA256: 93ae7b72564181511965ccc2b58ad9c918d4a8e34aeacb004b 1d23b23b5e2dda
SHA512: 020e64ad58c98d5613665eb3bafa5b231f2dd483cb3a25b541 97641c01f41770
a638955d0fd5bd1c87c1e7fc281f167ca7d50d0e7d342f9506 236f1200338db1
ssdeep: 12288:PNdNrF8lC/8A4Dsdj+qAXBEitfpo3ODf7Jdouj5Xv:/NrL/h4DszAR5Yef
7fHj5v
PEiD..: -
TrID..: File type identification
Windows Screen Saver (39.4%)
Win32 Executable Generic (25.6%)
Win32 Dynamic Link Library (generic) (22.8%)
Generic Win/DOS Executable (6.0%)
DOS Executable Generic (6.0%)
PEInfo: PE Structure information

Файл setupxv.exe получен 2009.05.11 11:27:22 (CET)
Текущий статус: закончено
Результат: 14/40 (35%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 -
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 DR/FraudTool.AntiSpywareBot.CB
Antiy-AVL 2.0.3.1 2009.05.11 -
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 Spyware.1636
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 Suspicious File
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 -
Fortinet 3.117.0.0 2009.05.11 Misc/PUP
GData 19 2009.05.11 Spyware.1636
Ikarus T3.1.1.49.0 2009.05.11 -
K7AntiVirus 7.10.729 2009.05.08 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.05.11 -
McAfee 5611 2009.05.10 potentially unwanted program ErrorKiller
McAfee+Artemis 5611 2009.05.10 potentially unwanted program ErrorKiller
McAfee-GW-Edition 6.7.6 2009.05.11 Trojan.Dropper.FraudTool.AntiSpywareBot.CB
Microsoft 1.4602 2009.05.11 -
NOD32 4064 2009.05.11 Win32/FraudTool.AntiSpywareBot.BZ
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 Application/AntiSpyware
PCTools 4.4.2.0 2009.05.07 RogueAntiSpyware.Antispyware!ct
Prevx 3.0 2009.05.11 -
Rising 21.29.02.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 3.12.10.4 2009.05.11 Signed-FraudTool.Win32.AntiSpyware.c
ViRobot 2009.5.11.1728 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 1593248 bytes
MD5...: 3cf301b5305e136a35a5ebd00da5ac34
SHA1..: 563ac6a3b686214f694923c3a1d575c55fb19357
SHA256: 9028e78d09567870788282a8ba7b58f85cc6b0151ef42194cf 4880af9a297d84
SHA512: 9499b254ec68a7189f428c480ccbeb04fd625bdc42557f7c47 15e828bad65d3a
e0fb903b2e2d44a45109a4bd12c8bd3a84905307fc45da8934 a7c3215aeca5ca
ssdeep: 24576:a74CEUtxKyMKVr1Xep8rAguYtPgEzadNPE4zk6bvsy//s4/UzeMq9pWRaD
XBr3T2:a7n1CuO2r7uEO3E+f/s4/AWdBWqo
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)
PEInfo: PE Structure information

Добавлено через 1 час 57 минут

Файл ss.exe получен 2009.05.11 13:06:10 (CET)
Текущий статус: закончено
Результат: 14/40 (35%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 Backdoor.Win32.Inject!IK
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 TR/Dropper.Gen
Antiy-AVL 2.0.3.1 2009.05.11 Trojan/Win32.Magania
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 -
CAT-QuickHeal 10.00 2009.05.09 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 -
eSafe 7.0.17.0 2009.05.10 Suspicious File
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 Trojan-GameThief.Win32.Magania.bavl
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 -
Ikarus T3.1.1.49.0 2009.05.11 Backdoor.Win32.Inject
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Trojan-GameThief.Win32.Magania.bavl
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 Artemis!544A56B30C34
McAfee-GW-Edition 6.7.6 2009.05.11 Trojan.Dropper.Gen
Microsoft 1.4602 2009.05.11 -
NOD32 4064 2009.05.11 probably a variant of Win32/Dialer.NHB
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 Suspicious file
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.03.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 Mal/EncPk-CK
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 3.12.10.4 2009.05.11 BScope.Trojan-PSW.Looby
ViRobot 2009.5.11.1729 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 190283 bytes
MD5...: 544a56b30c34bab1d72c71e82405233f
SHA1..: 8f5385b24f53786c84509fde8952b266d27f6149
SHA256: bc6159defa4116e20ebec047df62c3cc1b43102377e17ac317 99bb20237849d3
SHA512: 0da38bd9902bbd435337ad81539e1312b4d75e2146349faf50 1511da6e4966a6
4b5b57cf7e58e6a821edf9c4a5e5e711ecd36ae2fcb97734d7 c38464b8f73b82
ssdeep: 3072:mNgmY3/c+HfJgmgZXCSon9xaT9xCBw0I6rsi9HtrG5JfQyMuLs8KIKmnl YA
jAx6P:Y2/VfYSS3psw0I67tKnlMuLs8e0j5Hmg
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
PEInfo: PE Structure information

Файл name.jar получен 2009.05.11 13:25:02 (CET)
Текущий статус: закончено
Результат: 8/40 (20%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.11 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.05.11 -
AntiVir 7.9.0.166 2009.05.11 JAVA/SMS.Boxer.C
Antiy-AVL 2.0.3.1 2009.05.11 Trojan/J2ME.Boxer
Authentium 5.1.2.4 2009.05.10 -
Avast 4.8.1335.0 2009.05.10 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.11 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.11 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.11 Java.SMSSend.24
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.10 -
F-Secure 8.0.14470.0 2009.05.11 Trojan-SMS.J2ME.Boxer.c
Fortinet 3.117.0.0 2009.05.11 -
GData 19 2009.05.11 -
Ikarus T3.1.1.49.0 2009.05.11 Trojan-SMS
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.11 Trojan-SMS.J2ME.Boxer.j
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.11 Java.SMS.Boxer.C
Microsoft 1.4602 2009.05.11 -
NOD32 4064 2009.05.11 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.11 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.11 -
Rising 21.29.03.00 2009.05.11 -
Sophos 4.41.0 2009.05.11 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.11 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.11 -
VBA32 3.12.10.4 2009.05.11 -
ViRobot 2009.5.11.1729 2009.05.11 -
VirusBuster 4.6.5.0 2009.05.10 -

Дополнительная информация
File size: 210640 bytes
MD5...: cbc8ca6c9d097f41a2970412f46fd805
SHA1..: 0022d1c71d9f7fee4291985d366c23eb729cc369
SHA256: 342ae7f129614c6324ed98fc66e94ad6756a99c5fc98194eaa d3af88afff99ac
SHA512: 0d132e20994fc71afcae3b18ca5e31200a640fbf037c06fa09 a9dd8772e0739d
41e5afee5123abba3997f3923083d20b1fade9775c42dc7f83 9316be86a8e06f
ssdeep: 3072:gCh9ERJudsMFlYUhTKOmeAkCeHeHXxdB/vTXNyw1z4xwMpjyUgXiEgo5hj2
uPdrd:gCsnutOOm5l/wOzwgB5B2ulop1ouPS
PEiD..: -
TrID..: File type identification
Java Archive (78.2%)
ZIP compressed archive (21.5%)
Sybase iAnywhere database files (0.1%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

**Black_N** · 13.05.2009, 00:43

Файл foto12.rar получен 2009.05.12 22:38:53 (CET)
Текущий статус: закончено
Результат: 19/40 (47.5%)
Форматированные

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.12 -
AhnLab-V3 5.0.0.2 2009.05.12 -
AntiVir 7.9.0.166 2009.05.12 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.1 2009.05.12 Trojan/Win32.Buzus
Authentium 5.1.2.4 2009.05.12 -
Avast 4.8.1335.0 2009.05.12 Win32:Trojan-gen {Other}
AVG 8.5.0.327 2009.05.12 -
BitDefender 7.2 2009.05.12 -
CAT-QuickHeal 10.00 2009.05.12 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.05.12 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.12 -
eSafe 7.0.17.0 2009.05.12 Win32.TRCrypt.XPACK
eTrust-Vet 31.6.6501 2009.05.12 -
F-Prot 4.4.4.56 2009.05.12 -
F-Secure 8.0.14470.0 2009.05.12 Trojan.Win32.Buzus.aygd
Fortinet 3.117.0.0 2009.05.12 W32/Buzus.AYGD!tr
GData 19 2009.05.12 Win32:Trojan-gen {Other}
Ikarus T3.1.1.49.0 2009.05.12 -
K7AntiVirus 7.10.732 2009.05.11 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.05.12 Trojan.Win32.Buzus.aygd
McAfee 5613 2009.05.12 New Malware.jj
McAfee+Artemis 5613 2009.05.12 Artemis!947FE009E4CD
McAfee-GW-Edition 6.7.6 2009.05.12 Trojan.Crypt.XPACK.Gen
Microsoft 1.4602 2009.05.12 VirTool:Win32/Injector.gen!F
NOD32 4068 2009.05.12 -
Norman 6.01.05 2009.05.12 -
nProtect 2009.1.8.0 2009.05.12 -
Panda 10.0.0.14 2009.05.12 Trj/CI.A
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.12 Medium Risk Malware
Rising 21.29.14.00 2009.05.12 -
Sophos 4.41.0 2009.05.12 Mal/ProcInj-Fam
Sunbelt 3.2.1858.2 2009.05.12 -
Symantec 1.4.4.12 2009.05.12 Suspicious.MH690.A
TheHacker 6.3.4.1.325 2009.05.12 -
TrendMicro 8.950.0.1092 2009.05.12 -
VBA32 3.12.10.4 2009.05.12 Trojan.Win32.Buzus.axtr
ViRobot 2009.5.12.1731 2009.05.12 -
VirusBuster 4.6.5.0 2009.05.12 -

Дополнительная информация
File size: 32222 bytes
MD5...: eca4fa57358116b1c1d142c7bf96ea1a
SHA1..: 01f2e5cb2a46eeaa72a1d3d3aeb34ab1dcd1d12c
SHA256: 405798eebfacd89950ea9f9d3d5fb02c89f22376126550fd33 694dc0fc617433
SHA512: 9b419979879cd719d26830f2d94fdbc0744170780e7bb86b0c 266d1643f9c4fc
dcb76a7bdfa1481e94deb85e867ee3f3ec5903c9c580015af8 cf75aea11ffff8
ssdeep: 768:/qHX1Ldi3P+V6t7l3PvhLWnHElXCuuB2inyrcOZA9eAj:iHlLeP Pt7BPJLWn
ruhiG29eAj
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=439FD42900B406FCB64A00D64 7A405008E4D6CAD' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=439FD42900B406FCB64A00D64 7A405008E4D6CAD</a>

**Surfer** · 13.05.2009, 11:13

Файл cino.exe получен 2009.05.13 07:27:17 (CET)
Результат: 4/39 (10.26%)

a-squared 4.0.0.101 2009.05.13 BehavesLike!IK
AhnLab-V3 5.0.0.2 2009.05.13 -
AntiVir 7.9.0.166 2009.05.12 -
Antiy-AVL 2.0.3.1 2009.05.12 -
Authentium 5.1.2.4 2009.05.13 -
Avast 4.8.1335.0 2009.05.12 -
AVG 8.5.0.327 2009.05.12 -
BitDefender 7.2 2009.05.13 BehavesLike:Win32.Backdoor
CAT-QuickHeal 10.00 2009.05.13 -
ClamAV 0.94.1 2009.05.13 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.13 -
eSafe 7.0.17.0 2009.05.12 -
eTrust-Vet 31.6.6502 2009.05.12 -
F-Prot 4.4.4.56 2009.05.13 -
F-Secure 8.0.14470.0 2009.05.13 -
Fortinet 3.117.0.0 2009.05.13 -
GData 19 2009.05.13 -
Ikarus T3.1.1.49.0 2009.05.13 BehavesLike
K7AntiVirus 7.10.732 2009.05.11 -
Kaspersky 7.0.0.125 2009.05.13 Backdoor.Win32.Delf.oxu
McAfee 5613 2009.05.12 -
McAfee+Artemis 5613 2009.05.12 -
McAfee-GW-Edition 6.7.6 2009.05.12 -
Microsoft 1.4602 2009.05.12 -
NOD32 4069 2009.05.13 -
Norman 6.01.05 2009.05.12 -
nProtect 2009.1.8.0 2009.05.13 -
Panda 10.0.0.14 2009.05.12 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.13 -
Rising 21.29.20.00 2009.05.13 -
Sophos 4.41.0 2009.05.13 -
Sunbelt 3.2.1858.2 2009.05.12 -
Symantec 1.4.4.12 2009.05.13 -
TheHacker 6.3.4.1.325 2009.05.12 -
TrendMicro 8.950.0.1092 2009.05.13 -
VBA32 3.12.10.5 2009.05.13 -
ViRobot 2009.5.12.1731 2009.05.12 -

[hr]
Файл KJBy.exe получен 2009.05.13 07:27:15 (CET)
Результат: 6/40 (15.00%)

a-squared 4.0.0.101 2009.05.13 -
AhnLab-V3 5.0.0.2 2009.05.13 -
AntiVir 7.9.0.166 2009.05.12 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.1 2009.05.12 -
Authentium 5.1.2.4 2009.05.13 -
Avast 4.8.1335.0 2009.05.12 -
AVG 8.5.0.327 2009.05.12 -
BitDefender 7.2 2009.05.13 -
CAT-QuickHeal 10.00 2009.05.13 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.05.13 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.13 -
eSafe 7.0.17.0 2009.05.12 -
eTrust-Vet 31.6.6502 2009.05.12 -
F-Prot 4.4.4.56 2009.05.13 -
F-Secure 8.0.14470.0 2009.05.13 -
Fortinet 3.117.0.0 2009.05.13 -
GData 19 2009.05.13 -
Ikarus T3.1.1.49.0 2009.05.13 -
K7AntiVirus 7.10.732 2009.05.11 -
Kaspersky 7.0.0.125 2009.05.13 -
McAfee 5613 2009.05.12 -
McAfee+Artemis 5613 2009.05.12 -
McAfee-GW-Edition 6.7.6 2009.05.12 Trojan.Crypt.XPACK.Gen
Microsoft 1.4602 2009.05.12 VirTool:Win32/Obfuscator.FH
NOD32 4069 2009.05.13 -
Norman 6.01.05 2009.05.12 -
nProtect 2009.1.8.0 2009.05.13 -
Panda 10.0.0.14 2009.05.12 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.13 High Risk Cloaked Malware
Rising 21.29.20.00 2009.05.13 -
Sophos 4.41.0 2009.05.13 -
Sunbelt 3.2.1858.2 2009.05.12 -
Symantec 1.4.4.12 2009.05.13 -
TheHacker 6.3.4.1.325 2009.05.12 -
TrendMicro 8.950.0.1092 2009.05.13 -
VBA32 3.12.10.5 2009.05.13 suspected of Malware-Cryptor.Win32.General.3
ViRobot 2009.5.12.1731 2009.05.12 -
VirusBuster 4.6.5.0 2009.05.12 -

**senyak** · 20.05.2009, 16:32

Файл Jimm2009.jar получен 2009.05.20 14

05 (CET)
Текущий статус: закончено
Результат: 10/40 (25%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.20 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.05.20 -
AntiVir 7.9.0.168 2009.05.20 -
Antiy-AVL 2.0.3.1 2009.05.20 Trojan/J2ME.Swapi
Authentium 5.1.2.4 2009.05.19 -
Avast 4.8.1335.0 2009.05.19 Other:Malware-gen
AVG 8.5.0.336 2009.05.20 Java/Swapi
BitDefender 7.2 2009.05.20 -
CAT-QuickHeal 10.00 2009.05.20 -
ClamAV 0.94.1 2009.05.20 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.20 Java.SmsFlood
eSafe 7.0.17.0 2009.05.19 -
eTrust-Vet 31.6.6513 2009.05.20 -
F-Prot 4.4.4.56 2009.05.19 -
F-Secure 8.0.14470.0 2009.05.20 Trojan-SMS.J2ME.Swapi.n
Fortinet 3.117.0.0 2009.05.20 Java/Swapi.N!tr
GData 19 2009.05.20 Other:Malware-gen
Ikarus T3.1.1.49.0 2009.05.20 Trojan-SMS
K7AntiVirus 7.10.739 2009.05.19 -
Kaspersky 7.0.0.125 2009.05.20 Trojan-SMS.J2ME.Swapi.n
McAfee 5620 2009.05.19 -
McAfee+Artemis 5620 2009.05.19 -
McAfee-GW-Edition 6.7.6 2009.05.20 -
Microsoft 1.4602 2009.05.20 -
NOD32 4090 2009.05.20 -
Norman 6.01.05 2009.05.19 -
nProtect 2009.1.8.0 2009.05.20 -
Panda 10.0.0.14 2009.05.19 -
PCTools 4.4.2.0 2009.05.20 -
Prevx 3.0 2009.05.20 -
Rising 21.30.20.00 2009.05.20 -
Sophos 4.41.0 2009.05.20 -
Sunbelt 3.2.1858.2 2009.05.19 -
Symantec 1.4.4.12 2009.05.20 -
TheHacker 6.3.4.1.328 2009.05.20 -
TrendMicro 8.950.0.1092 2009.05.20 -
VBA32 3.12.10.5 2009.05.20 -
ViRobot 2009.5.20.1743 2009.05.20 -
VirusBuster 4.6.5.0 2009.05.19 -

Дополнительная информация
File size: 135727 bytes
MD5...: 847b555a716a79e9d13ffbee11886fda
SHA1..: 68093505115ee5e546f94ccf533753058d9ba106
SHA256: a1b8af6c3580886ae0aaedfcc417aaa99a95736f9e613519bb b9f0bdd90fef98
SHA512: 4668e4dde6a2ad57ba9cf177a7094175fc5641de5f356a81c3 261acfec4b0fd0
65e5190f385b5327c3b8331c3253e249d7df816eeb15180aa6 dbde74caf8b362
ssdeep: 3072:EYzNg2B5XHj04ANArHJ+ga5h90VX0KgblXQcjkVtr4wk7 fjrA:RzNRB5lAi
rp+garRKOdljkVd4wkDPA
PEiD..: -
TrID..: File type identification
Java Archive (78.2%)
ZIP compressed archive (21.5%)
Sybase iAnywhere database files (0.1%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл Anon_SMS.jar получен 2009.05.20 14

12 (CET)
Текущий статус: закончено
Результат: 14/40 (35%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.20 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.05.20 -
AntiVir 7.9.0.168 2009.05.20 JAVA/SMS.Konov.e
Antiy-AVL 2.0.3.1 2009.05.20 Trojan/J2ME.Konov
Authentium 5.1.2.4 2009.05.19 -
Avast 4.8.1335.0 2009.05.19 Other:Malware-gen
AVG 8.5.0.336 2009.05.20 Java/SMS.A
BitDefender 7.2 2009.05.20 -
CAT-QuickHeal 10.00 2009.05.20 -
ClamAV 0.94.1 2009.05.20 Trojan.J2ME
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.20 Java.SMSSend.18
eSafe 7.0.17.0 2009.05.19 -
eTrust-Vet 31.6.6513 2009.05.20 -
F-Prot 4.4.4.56 2009.05.19 -
F-Secure 8.0.14470.0 2009.05.20 Trojan-SMS.J2ME.Konov.e
Fortinet 3.117.0.0 2009.05.20 -
GData 19 2009.05.20 Other:Malware-gen
Ikarus T3.1.1.49.0 2009.05.20 Trojan-SMS
K7AntiVirus 7.10.739 2009.05.19 -
Kaspersky 7.0.0.125 2009.05.20 Trojan-SMS.J2ME.Konov.e
McAfee 5620 2009.05.19 -
McAfee+Artemis 5620 2009.05.19 -
McAfee-GW-Edition 6.7.6 2009.05.20 Java.SMS.Konov.e
Microsoft 1.4602 2009.05.20 -
NOD32 4090 2009.05.20 J2ME/TrojanSMS.Konov.E
Norman 6.01.05 2009.05.19 -
nProtect 2009.1.8.0 2009.05.20 -
Panda 10.0.0.14 2009.05.19 -
PCTools 4.4.2.0 2009.05.20 -
Prevx 3.0 2009.05.20 -
Rising 21.30.20.00 2009.05.20 -
Sophos 4.41.0 2009.05.20 -
Sunbelt 3.2.1858.2 2009.05.19 -
Symantec 1.4.4.12 2009.05.20 Trojan Horse
TheHacker 6.3.4.1.328 2009.05.20 -
TrendMicro 8.950.0.1092 2009.05.20 -
VBA32 3.12.10.5 2009.05.20 -
ViRobot 2009.5.20.1743 2009.05.20 -
VirusBuster 4.6.5.0 2009.05.19 -

Дополнительная информация
File size: 2370 bytes
MD5...: 7b72a43b3c46b0070b9e3c2e210c02e6
SHA1..: 727cb63b4586e31430ba79081bb1d8ad389f61eb
SHA256: b0c224c1dbbf29ddbc3be13a40acad567105e4652f9885ab8a d596c9ba851e17
SHA512: 98b4d5e244e333c02f76b37bb3063887fc87eb880c39b56c58 e34eb219c30659
1454833155e4e249919e27dc1d85563e40936cf5cdc404bf93 0593c1680d6b4c
ssdeep: 48:51FTQo0tOURs9y3VeiTEzrTnHOCmmJwLnDf0eZGz

FTiOURs9qVeiT6THmX3
9ZGz
PEiD..: -
TrID..: File type identification
Java Archive (78.2%)
ZIP compressed archive (21.5%)
Sybase iAnywhere database files (0.1%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

**Black_N** · 21.05.2009, 16:54

Файл Tinstall.rar получен 2009.05.21 14:50:31 (CET)
Текущий статус: закончено
Результат: 3/40 (7.5%)

Печать результатов Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.21 -
AhnLab-V3 5.0.0.2 2009.05.21 -
AntiVir 7.9.0.168 2009.05.21 -
Antiy-AVL 2.0.3.1 2009.05.21 -
Authentium 5.1.2.4 2009.05.20 -
Avast 4.8.1335.0 2009.05.20 -
AVG 8.5.0.339 2009.05.21 -
BitDefender 7.2 2009.05.21 -
CAT-QuickHeal 10.00 2009.05.21 -
ClamAV 0.94.1 2009.05.21 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.21 -
eSafe 7.0.17.0 2009.05.19 Suspicious File
eTrust-Vet 31.6.6516 2009.05.21 -
F-Prot 4.4.4.56 2009.05.20 -
F-Secure 8.0.14470.0 2009.05.21 -
Fortinet 3.117.0.0 2009.05.21 -
GData 19 2009.05.21 -
Ikarus T3.1.1.49.0 2009.05.21 -
K7AntiVirus 7.10.739 2009.05.19 -
Kaspersky 7.0.0.125 2009.05.21 -
McAfee 5621 2009.05.20 -
McAfee+Artemis 5621 2009.05.20 -
McAfee-GW-Edition 6.7.6 2009.05.21 -
Microsoft 1.4701 2009.05.21 -
NOD32 4093 2009.05.21 -
Norman 6.01.05 2009.05.20 -
nProtect 2009.1.8.0 2009.05.21 -
Panda 10.0.0.14 2009.05.21 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.21 Medium Risk Malware
Rising 21.30.32.00 2009.05.21 -
Sophos 4.42.0 2009.05.21 -
Sunbelt 3.2.1858.2 2009.05.20 -
Symantec 1.4.4.12 2009.05.21 Suspicious.MH690.A
TheHacker 6.3.4.1.328 2009.05.20 -
TrendMicro 8.950.0.1092 2009.05.21 -
VBA32 3.12.10.5 2009.05.21 -
ViRobot 2009.5.21.1745 2009.05.21 -
VirusBuster 4.6.5.0 2009.05.20 -

Дополнительная информация
File size: 13774 bytes
MD5...: 64551334cbef11183bb98a7c00ebda27
SHA1..: f2da6532b2657e8e1563d1e9157f1bdada9ff335
SHA256: 77bfb014a11656ffd832122a19d5d15593f0e57d37fbc12db8 0f48ee874457ee
SHA512: 9040f381731cb41a68890dd80790dc3fe2193f478096f95c18 fb1af9799e6a8d
48773eaca21f924d7e2b7e39a90e7a34a45f1e9cc6c659f0e3 bd898df233ded9
ssdeep: 384:Gb7aS4IgtruycAU+YPb/s2MnSCnXDG4/AwgLiyG+2v:eeSsVrcAU+YP2nvTZ
gLC
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=9A9737B700EADB61443C00DB9 87BBD00AE99F0F7' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=9A9737B700EADB61443C00DB9 87BBD00AE99F0F7</a>
packers (Kaspersky): ASPack
packers (F-Prot): Aspack

**senyak** · 23.05.2009, 19:53

Файл clips01505.zip получен 2009.05.23 15:43:56 (UTC)
Текущий статус: закончено
Результат: 8/40 (20%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.23 Trojan-Dropper.Win32.Wlord!IK
AhnLab-V3 5.0.0.2 2009.05.23 -
AntiVir 7.9.0.168 2009.05.23 DR/Delphi.Gen
Antiy-AVL 2.0.3.1 2009.05.22 -
Authentium 5.1.2.4 2009.05.22 -
Avast 4.8.1335.0 2009.05.23 -
AVG 8.5.0.339 2009.05.23 -
BitDefender 7.2 2009.05.23 Gen:Trojan.Heur.41C13E0B4A
CAT-QuickHeal 10.00 2009.05.23 -
ClamAV 0.94.1 2009.05.22 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.23 -
eSafe 7.0.17.0 2009.05.21 -
eTrust-Vet 31.6.6519 2009.05.23 -
F-Prot 4.4.4.56 2009.05.22 -
F-Secure 8.0.14470.0 2009.05.23 -
Fortinet 3.117.0.0 2009.05.23 -
GData 19 2009.05.23 Gen:Trojan.Heur.41C13E0B4A
Ikarus T3.1.1.49.0 2009.05.23 Trojan-Dropper.Win32.Wlord
K7AntiVirus 7.10.741 2009.05.21 -
Kaspersky 7.0.0.125 2009.05.23 -
McAfee 5624 2009.05.23 -
McAfee+Artemis 5624 2009.05.23 Artemis!73272D10220F
McAfee-GW-Edition 6.7.6 2009.05.23 Trojan.Dropper.Delphi.Gen
Microsoft 1.4701 2009.05.23 -
NOD32 4098 2009.05.22 -
Norman 6.01.05 2009.05.22 -
nProtect 2009.1.8.0 2009.05.23 -
Panda 10.0.0.14 2009.05.23 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.23 High Risk Cloaked Malware
Rising 21.30.52.00 2009.05.23 -
Sophos 4.42.0 2009.05.23 -
Sunbelt 3.2.1858.2 2009.05.23 -
Symantec 1.4.4.12 2009.05.23 -
TheHacker 6.3.4.3.331 2009.05.22 -
TrendMicro 8.950.0.1092 2009.05.23 -
VBA32 3.12.10.5 2009.05.23 -
ViRobot 2009.5.23.1749 2009.05.23 -
VirusBuster 4.6.5.0 2009.05.23 -

Дополнительная информация
File size: 196280 bytes
MD5...: e094072a35288f8757aef805ae97a322
SHA1..: 6fe9a394211a44f604a34b0025796cf7e0ebd716
SHA256: f45ed9dd261d720aeada27bd2befec9e3c489106d5de20a384 f846332d20f775
SHA512: 319527d80c8b34a65b3757524d131fafcb40fc7c1bf419e957 5204e49c41acd6
bf344e98116976978ae3724ae0345d5db0c9a5fed74d88f8a3 27b3c204daa05c
ssdeep: 3072:EX7Tu5mqLPx+VC49WdvJOjiBTnh6DciK/2A4AYVwhYq8xV39Iucx51SRYm9
u:MTuxLPx+MuqJOjiBbEDBK+A48hp8xbE3
PEiD..: -
TrID..: File type identification
ZIP compressed archive (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

**senyak** · 25.05.2009, 15:41

Файл nazvanie.jar получен 2009.05.25 09:36:12 (UTC)
Текущий статус: закончено
Результат: 11/39 (28.21%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.25 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.05.25 -
AntiVir 7.9.0.168 2009.05.25 JAVA/Boxer.1
Antiy-AVL 2.0.3.1 2009.05.25 Trojan/J2ME.Boxer
Authentium 5.1.2.4 2009.05.24 -
Avast 4.8.1335.0 2009.05.24 Other:Malware-gen
AVG 8.5.0.339 2009.05.24 -
BitDefender 7.2 2009.05.25 -
CAT-QuickHeal 10.00 2009.05.23 -
ClamAV 0.94.1 2009.05.25 -
Comodo 1198 2009.05.25 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.25 -
eSafe 7.0.17.0 2009.05.24 -
eTrust-Vet 31.6.6519 2009.05.23 -
F-Prot 4.4.4.56 2009.05.24 -
F-Secure 8.0.14470.0 2009.05.25 Trojan-SMS.J2ME.Boxer.i
Fortinet 3.117.0.0 2009.05.25 -
GData 19 2009.05.25 Other:Malware-gen
Ikarus T3.1.1.49.0 2009.05.25 Trojan-SMS
K7AntiVirus 7.10.741 2009.05.21 -
Kaspersky 7.0.0.125 2009.05.25 Trojan-SMS.J2ME.Boxer.i
McAfee 5625 2009.05.24 -
McAfee+Artemis 5625 2009.05.24 -
McAfee-GW-Edition 6.7.6 2009.05.25 Java.Boxer.1
Microsoft 1.4701 2009.05.25 -
NOD32 4100 2009.05.25 -
Norman 6.01.05 2009.05.22 -
nProtect 2009.1.8.0 2009.05.25 -
Panda 10.0.0.14 2009.05.24 -
Prevx 3.0 2009.05.25 -
Rising 21.31.02.00 2009.05.25 -
Sophos 4.42.0 2009.05.25 -
Sunbelt 3.2.1858.2 2009.05.24 -
Symantec 1.4.4.12 2009.05.25 -
TheHacker 6.3.4.3.331 2009.05.25 -
TrendMicro 8.950.0.1092 2009.05.25 TROJ_BOXER.B
VBA32 3.12.10.5 2009.05.25 -
ViRobot 2009.5.25.1750 2009.05.25 -
VirusBuster 4.6.5.0 2009.05.24 -

Дополнительная информация
File size: 17383 bytes
MD5...: dc617d7a363fb020e7eeb102a9362b9a
SHA1..: ce5f7557876c5dd89a556dc670340cb4aad54df6
SHA256: 2b8cc58e9228189f91e40fba7d25f80ada0887247b62ea22a2 3c1ef4a9c3fcd6
SHA512: 9f8ecbe803ccaf53ad504139de2a22c1773aae9f5979fb9988 b9784e98a10803
b735342cfc6ec994e457f2113256abd9fb8efd86e03406a679 0ec5956b2a6b21
ssdeep: 384:kj0werUSps4uz+Y9Xg5nwiYxRtOM9XzSkC/SZtPBJB5tFOk5b:kAA94uz+Yl
gFoOrktpX5POk5b
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Добавлено через 1 час 59 минут

Файл JimmBest.jar получен 2009.05.25 11:37:03 (UTC)
Текущий статус: закончено
Результат: 4/40 (10%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.25 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.05.25 -
AntiVir 7.9.0.168 2009.05.25 -
Antiy-AVL 2.0.3.1 2009.05.25 -
Authentium 5.1.2.4 2009.05.25 -
Avast 4.8.1335.0 2009.05.24 -
AVG 8.5.0.339 2009.05.25 -
BitDefender 7.2 2009.05.25 -
CAT-QuickHeal 10.00 2009.05.25 -
ClamAV 0.94.1 2009.05.25 -
Comodo 1199 2009.05.25 -
DrWeb 5.0.0.12182 2009.05.25 -
eSafe 7.0.17.0 2009.05.24 -
eTrust-Vet 31.6.6519 2009.05.23 -
F-Prot 4.4.4.56 2009.05.25 -
F-Secure 8.0.14470.0 2009.05.25 Trojan-SMS.J2ME.Konov.j
Fortinet 3.117.0.0 2009.05.25 -
GData 19 2009.05.25 -
Ikarus T3.1.1.49.0 2009.05.25 Trojan-SMS
K7AntiVirus 7.10.741 2009.05.21 -
Kaspersky 7.0.0.125 2009.05.25 Trojan-SMS.J2ME.Konov.j
McAfee 5625 2009.05.24 -
McAfee+Artemis 5625 2009.05.24 -
McAfee-GW-Edition 6.7.6 2009.05.25 -
Microsoft 1.4701 2009.05.25 -
NOD32 4100 2009.05.25 -
Norman 6.01.05 2009.05.22 -
nProtect 2009.1.8.0 2009.05.25 -
Panda 10.0.0.14 2009.05.24 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.25 -
Rising 21.31.03.00 2009.05.25 -
Sophos 4.42.0 2009.05.25 -
Sunbelt 3.2.1858.2 2009.05.24 -
Symantec 1.4.4.12 2009.05.25 -
TheHacker 6.3.4.3.331 2009.05.25 -
TrendMicro 8.950.0.1092 2009.05.25 -
VBA32 3.12.10.5 2009.05.25 -
ViRobot 2009.5.25.1751 2009.05.25 -
VirusBuster 4.6.5.0 2009.05.24 -

Дополнительная информация
File size: 4577 bytes
MD5...: 81cf852bd04aa272b359a013d369063b
SHA1..: ccc5533f188b892c28b9668f58e4bc60619ae660
SHA256: 7efff33d0745bd4e62339c40b75838aa6bb38b4cc245051761 078bbe23bd4306
ssdeep: 96:sFTiOURs9qVeiTofJd1xfOrEepznEWN7OdErQKL/2gde:sZ5UdeiTofFtsfGW
SgtC
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

**senyak** · 28.05.2009, 01:00

Понеслась :)

Файл 0.pdf получен 2009.05.27 19:54:20 (UTC)
Текущий статус: закончено
Результат: 13/40 (32.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Exploit.PDF-JS!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 HEUR/HTML.Malware
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 PDF/Obfusc.B!Camelot
Avast 4.8.1335.0 2009.05.27 JS:Packed-BC
AVG 8.5.0.339 2009.05.27 Exploit.PDF
BitDefender 7.2 2009.05.27 Exploit.PDF-JS.Gen
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Exploit:JS/Pidief.ET
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 Exploit.PDF-JS.Gen
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Exploit.JS.Pdfka.kj
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Heuristic.HTML.Malware
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Mal/PdfEx-C
Sunbelt 3.2.1858.2 2009.05.27 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.05.27 Downloader
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 42693 bytes
MD5...: 7b49bb03b7bd72047edde2c06fe4e341
SHA1..: 9fa29089fb206b1362e5740b6399f076cb7cfb4e
SHA256: 400022caa022ab94ee215079411973157421444ccf05c117d3 d2593e320265c0
SHA512: 7d9c6d8152f205351ba5638928598a61361924efa37f3d3777 b1fc10b4238891
4c183d1dd641ab6782961e3c988ab10ae0a82e04805bce253c 154053f9119bfa
ssdeep: 768:6l43YiOEH1ZTAu3fxZLdzyN/egXVuhYmQRQ+2AWJ/gvQht:sDkG4yN/eIyYd
RO
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (50.0%)
MATLAB program (50.0%)
PEInfo: -

Файл 0.swf получен 2009.05.27 19:54:34 (UTC)
Текущий статус: закончено
Результат: 8/40 (20%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Exploit.SWF!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 -
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 SWF/Obfusc.A!Camelot
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 Exploit.SWF.Gen
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Trojan-Downloader:W32/Swif.F
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 Exploit.SWF.Gen
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Exploit.SWF.Agent.ar
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 -
Microsoft 1.4701 2009.05.27 TrojanDownloader:Win32/Swif.gen!A
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Troj/SWFDlr-K
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 16621 bytes
MD5...: cfc5c0c52972344850dac981c56305a5
SHA1..: b109d84c82231823b9c7e76f790cd4a93894c204
SHA256: 67ec13a5cd1c66e369782ee160435953ddade9b65de972d254 f387b32f72f7a3
SHA512: 026f33d8a5b9bade43529261df84902acb4270ed750d26a54e 3965b9cc7003b1
935da1b9efa4dacc8e97b32b38a7eaeb202d26ed2a69fcb1a6 d7d4922857eb57
ssdeep: 384:4MUXmD/Cokm1coEe8OYildFcZNlzh6dWh7lQacxpRRgD/9MKQb5:4r0Cmyo3
8OYiljOlwdW/QN7w1Mn
PEiD..: -
TrID..: File type identification
Macromedia Flash Player Compressed Movie (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): Swf2Swc

Файл 23.exe получен 2009.05.27 20:01:18 (UTC)
Текущий статус: закончено
Результат: 17/40 (42.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Trojan.Win32.Alureon!IK
AhnLab-V3 5.0.0.2 2009.05.27 Dropper/Rootkit.98816
AntiVir 7.9.0.168 2009.05.27 TR/Drop.Alureon.qxh
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 Win32:Rootkit-gen
AVG 8.5.0.339 2009.05.27 Agent_r.NU
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 Win32/Alureon.ABO
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Backdoor.Win32.Agent.agyf
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 Win32:Rootkit-gen
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Backdoor.Win32.Agent.agyf
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 Artemis!8CF2CD55C2FE
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Drop.Alureon.qxh
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 Win32/Rootkit.Agent.NIA
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 Suspicious file
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 Medium Risk Malware
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Mal/Alureon-D
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 Hacktool.Rootkit
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 98816 bytes
MD5...: 8cf2cd55c2fe1b0d2550262b1fc0366f
SHA1..: 8671aa2c7dd2cf6ab6e0f5191a386565521310f9
SHA256: 2880181b8c04890b0d5fd23a95f8fac7cc72a933b55bab4335 8db88d03b0b929
ssdeep: 3072:IRJVhV7P5fjmAaHws/VfvCaINQ9DaGSXNiA2g7u:GJVhV7eHwcCaIe9D7St
v7u
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Файл 52hxw.exe получен 2009.05.27 20:04:04 (UTC)
Текущий статус: закончено
Результат: 15/40 (37.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 -
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 ADSPY/Baidu.2
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 Generic3.BKW
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 Adware.Baidu-2
Comodo 1207 2009.05.27 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.27 DLOADER.Trojan
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 Misc/PUP
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 Trojan.Win32.Malware.3
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 potentially unwanted program Generic PUP
McAfee+Artemis 5628 2009.05.27 potentially unwanted program Generic PUP
McAfee-GW-Edition 6.7.6 2009.05.27 Ad-Spyware.Baidu.2
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 Adware/BaiduBar
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 Medium Risk Malware
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Baidu Bar
Sunbelt 3.2.1858.2 2009.05.27 Adware.Bdsearch
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 Adware.BaiduSobar.E

Дополнительная информация
File size: 2708296 bytes
MD5...: 86cab3dc8b9189339f43ab6a2b590d74
SHA1..: 91db4e00aa6068b7042e8bd8dae5ff748f6c642d
SHA256: 17f5ee18c777c489a1ebf1c9a94a7a9aeea21f891667bf3e6a cfacfce4c5a20b
ssdeep: 49152:A3GAVjO+oXyg7fBZ5NVG8OtqcxnrAZldIvmDdih5XUXj JLdpRszF74UDgD
jYczd0:IGZ/XpfBZ5TwFAZL1Jg5EzJLNszwhddO
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)

Файл aa1.exe получен 2009.05.27 20:05:26 (UTC)
Текущий статус: закончено
Результат: 27/39 (69.24%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Trojan-PWS.Win32.LdPinch!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 TR/Crypt.XDR.Gen
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 W32/OnlineGames.CA.gen!Eldorado
Avast 4.8.1335.0 2009.05.27 Win32:Agent-ACMH
AVG 8.5.0.339 2009.05.27 PSW.OnlineGames3.EXT
BitDefender 7.2 2009.05.27 Generic.Onlinegames.14.1C082D5E
CAT-QuickHeal 10.00 2009.05.27 Win32.Backdoor.PcClient.ZA.3
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 Trojan.PWS.Wsgame.origin
eSafe 7.0.17.0 2009.05.27 Win32.TRCrypt.Xdr
eTrust-Vet 31.6.6524 2009.05.27 Win32/Gamepass!generic
F-Prot 4.4.4.56 2009.05.27 W32/OnlineGames.CA.gen!Eldorado
Fortinet 3.117.0.0 2009.05.27 W32/OnLineGames.NRD!tr
GData 19 2009.05.27 Generic.Onlinegames.14.1C082D5E
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Trojan-GameThief.Win32.Magania.beaa
McAfee 5628 2009.05.27 Generic Dropper.eb
McAfee+Artemis 5628 2009.05.27 Generic Dropper.eb
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Crypt.XDR.Gen
Microsoft 1.4701 2009.05.27 PWS:Win32/Ldpinch.BY
NOD32 4109 2009.05.27 probably a variant of Win32/PSW.OnLineGames.NRD
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 Trj/Lineage.BZE
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 High Risk Cloaked Malware
Rising 21.31.21.00 2009.05.27 Trojan.PSW.Win32.XYOnline.alv
Sophos 4.42.0 2009.05.27 Mal/Emogen-R
Sunbelt 3.2.1858.2 2009.05.27 Trojan.Win32.Magania.gen (v)
Symantec 1.4.4.12 2009.05.27 Infostealer.Gampass
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 Possible_Movly-1
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 Trojan.DR.OnlineGames.Gen.118

Дополнительная информация
File size: 28267 bytes
MD5...: 4e4cbc72bca5ac242dc88cec079f4d59
SHA1..: 74c22fa962ffcc80eb61666292a8281a0e1265af
SHA256: 9958022e05c985c24a7487e2efb1eb8d121ea439d1f60c5518 f22d80394a4953
SHA512: 4124b859bf5f3f1107a1e1aa11ef4761c6b25a6890fb06da3f 374d06897b88b8
39015f17207b757515bc2344bff950e0b369b43fdab2bcff0b e2637575118f52
ssdeep: 768:b4TnwnQ6v4vsoCm6F15wk9vyQ3FZ3Vq1X:MTnSULCVd99a wVqh
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)

Файл abb.txt получен 2009.05.27 20:16:10 (UTC)
Текущий статус: закончено
Результат: 7/39 (17.95%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Win32.SuspectCrc!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 -
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 W32/FakeAlert.AY.gen!Eldorado
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 SHeur2.AIAO
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 W32/FakeAlert.AY.gen!Eldorado
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Backdoor.Win32.Small.ibb
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 -
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 a variant of Win32/Kryptik.PQ
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 High Risk Cloaked Malware
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -

Дополнительная информация
File size: 40449 bytes
MD5...: 294d022a2c97342c24dbcc98527adc27
SHA1..: 32aa72f46a3b3a4ae0709eabed8f6d1994632c79
SHA256: 452e31c95952af674501a0519e63741568a1a3ba6267abc559 b461812d761b70
ssdeep: 384:AGvBwrzjKh7lMPmtaUcyOBWR7+1HIwivSBJ2GB+hnGSAIE fUmWpHlDYjNsju
gPNF:Arrw7lQmthftuHIfvCJ2K0TKPili41
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Файл Freemasons_featuring_Amanda_Wilso получен 2009.05.27 20:30:51 (UTC)
Текущий статус: закончено
Результат: 4/39 (10.26%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 -
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 HEUR/HTML.Malware
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 JS:Agent-CK
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 JS:Agent-CK
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Heuristic.HTML.Malware
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -

Дополнительная информация
File size: 40841 bytes
MD5...: abb461d7af45c80afe27842cfdf809c5
SHA1..: be34553f4e622e180ac546940c6a243befc1bf65
SHA256: 671aaf1b94e5a01a08a9b67c616d139c10a697cb8b4223b08a 63305cd6b9b007
ssdeep: 384:qv+yBJ7zLFzufO1tC3OSCEZdSdm6ZvjLdjtEE8O:szuo
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл foto332.rar получен 2009.05.27 20:30:41 (UTC)
Текущий статус: закончено
Результат: 2/39 (5.13%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 -
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 -
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 W32/SMSer.AL!tr
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 -
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 Trojan-Dropper.Win32.Smser.al
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -

Дополнительная информация
File size: 114919 bytes
MD5...: 2dd6802e5b8cf81010cd02c59df36cc4
SHA1..: 3753eeb7b4517312b132176317aaf386ee91dd25
SHA256: cc2af806d41fd66670cf9365db6adb0789739ae16b82e553f6 ed3ab5a1d5ece1
ssdeep: 3072:a3eRwHJ2TuqsO8XwEpaHJJakhbSi8GXtiHge9D69Vvdom cjNYW:4+vKqIwA
aHJEE8Ge29szjWW
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл fx29id2.txt получен 2009.05.27 20:35:19 (UTC)
Текущий статус: закончено
Результат: 4/40 (10%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 PHP.Backdoor.AR!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 PHP/BackDoor.AR
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 PHP.Shell-8
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Script.BackDoor.AR
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 2162 bytes
MD5...: 8dcad47f3e32e7dc1aee59167e67c601
SHA1..: 90cc34ac169204c4243028f4725565328b4c37e9
SHA256: dc66f84ed821c8a9c4afda5c5af6d137b54f33a0f95b668bec a49b039b62c4d7
ssdeep: 48:jVpwFwKyUsmlcAXixgTil+aykydBrMJYjBBNpBf0UVK6fbO LhpPR7:jVpVedi
Fs7el7
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл id.txt получен 2009.05.27 20:37:58 (UTC)
Текущий статус: закончено
Результат: 15/40 (37.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Win32.SuspectCrc!IK
AhnLab-V3 5.0.0.2 2009.05.27 HTML/Phpinfo
AntiVir 7.9.0.168 2009.05.27 SPR/PHP.ID
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 PHP:PHPInfo-A
AVG 8.5.0.339 2009.05.27 PHP/BackDoor.H
BitDefender 7.2 2009.05.27 Trojan.Script.55118
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 PHP.Id-14
Comodo 1207 2009.05.27 TrojWare.PHP.PHPInfo.g
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Trojan.PHP.PHPInfo.g
Fortinet 3.117.0.0 2009.05.27 PHP/Zapchast.YR!tr
GData 19 2009.05.27 Trojan.Script.55118
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 Trojan.PHP.PHPInfo.g
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Riskware.PHP.ID
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 PHP/Zapchast.NAI
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Mal/PHPInfo-A
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 1356 bytes
MD5...: 5713ce15eed4cef6c86465a44de708ae
SHA1..: c21003aca5348cc07f37e3d200a4872da4bf8f42
SHA256: ed7c645b31ca5f074f615410d2a7a8f01674e715c0774cd6b3 d2aa5e52387a32
ssdeep: 24:2sUftFfvsFh4/vZXOHvSpQvyVu6f2ik6Hev96it//omWN7A3BrSwu5d/dDMuO
H:2sgFnsFeZwSpQvyw6+56immc7A3BrLuw
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл install.exe получен 2009.05.27 20:45:48 (UTC)
Текущий статус: закончено
Результат: 5/40 (12.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 -
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 TR/Dropper.Gen
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 -
Fortinet 3.117.0.0 2009.05.27 Misc/SystemSecurity
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Dropper.Gen
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 Medium Risk Malware
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 SystemSecurity
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 490804 bytes
MD5...: 2b8d61bd8871cc3f86b213d9fecd9fa5
SHA1..: b5fbe334f5f3f8e292f130cde2cfbd2ce42af580
SHA256: 33941eac3e46f32731f6567a27a91b53e5c51c23376430e74f 725bd042402c87
ssdeep: 12288:fkxfm4UQZlEH7CbDDU7funegP/au6m77iy:4+H7CbDDU7megnau6m773
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

Файл porn-tube.avi.exe получен 2009.05.27 20:46:39 (UTC)
Текущий статус: закончено
Результат: 26/40 (65%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Riskware.FraudTool.Win32.PrivacyCenter!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 DR/FakeAlert.RZ
Antiy-AVL 2.0.3.1 2009.05.27 FraudTool/Win32.PrivacyCenter
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 Win32:Adware-gen
AVG 8.5.0.339 2009.05.27 Generic4.EFU
BitDefender 7.2 2009.05.27 Trojan.FakeAlert.BDR
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 Win32.FakeAlert.Db
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 FraudTool.Win32.PrivacyCenter.co
Fortinet 3.117.0.0 2009.05.27 W32/FakeAlert.DB!tr
GData 19 2009.05.27 Trojan.FakeAlert.BDR
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 not-a-virus:FraudTool.Win32.PrivacyCenter.co
McAfee 5628 2009.05.27 FakeAlert-DB
McAfee+Artemis 5628 2009.05.27 FakeAlert-DB
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Dropper.FakeAlert.RZ
Microsoft 1.4701 2009.05.27 Trojan:Win32/PrivacyCenter
NOD32 4109 2009.05.27 a variant of Win32/Adware.PrivacyComponents
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 Trj/CI.A
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 High Risk Cloaked Malware
Rising 21.31.21.00 2009.05.27 Trojan.Win32.FakeVir.is
Sophos 4.42.0 2009.05.27 Mal/FakeAV-AV
Sunbelt 3.2.1858.2 2009.05.27 Privacy components
Symantec 1.4.4.12 2009.05.27 Trojan Horse
TheHacker 6.3.4.3.332 2009.05.26 Adware/Agent.gen
TrendMicro 8.950.0.1092 2009.05.27 Cryp_FakeAV-12
VBA32 3.12.10.6 2009.05.27 Win32.Adware.PrivacyComponents
ViRobot 2009.5.27.1757 2009.05.27 Adware.PrivacyCenter.R.1984945.C
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 1984945 bytes
MD5...: 99d8fdcb581c11b5b5439b99caf423d6
SHA1..: 85372148766cda6c2aa3192a7fac018c536442b8
SHA256: f96e16540f3dbc815b5894076f80a894b4012dcd23743c4e35 559bb9798f6d13
ssdeep: 49152:SfLtxlzvBV2Ag/96v7fD+dHANE8i1JFCGLvEcTIMMdY17V:4xLV2Ag/Uv7
fDPNERUQvx/yY1J
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)

Файл update__.exe получен 2009.05.27 20:52:10 (UTC)
Текущий статус: закончено
Результат: 20/40 (50%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 P2P-Worm.Win32.Palevo!IK
AhnLab-V3 5.0.0.2 2009.05.27 Win32/Palevo.worm.184360
AntiVir 7.9.0.168 2009.05.27 Worm/Palevo.eiw
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 Gen:Trojan.Heur.B0857A2F5E
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 Win32.TrojanHorse
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 P2P-Worm.Win32.Palevo.eiw
Fortinet 3.117.0.0 2009.05.27 W32/VB.EDJ!worm.p2p
GData 19 2009.05.27 Gen:Trojan.Heur.B0857A2F5E
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 P2P-Worm.Win32.Palevo.eiw
Kaspersky 7.0.0.125 2009.05.27 P2P-Worm.Win32.Palevo.eiw
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 Artemis!752C997A56B0
McAfee-GW-Edition 6.7.6 2009.05.27 Worm.Palevo.eiw
Microsoft 1.4701 2009.05.27 Trojan:Win32/VB.QG
NOD32 4109 2009.05.27 a variant of Win32/Injector.OV
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 Worm/W32.Palevo.184360
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 Medium Risk Malware
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 W32/VB-EDJ
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 Trojan Horse
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 WORM_VB.IQQ
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 184360 bytes
MD5...: 752c997a56b0b126de6eac328d5f4c29
SHA1..: 55ae0761338115f8f2bbfff681efd3cd7956e1e9
SHA256: eb6312bd3a633c4dc29bd3c6a8ed818034da1f9b619ef71e0b eb549c4560dea8
ssdeep: 3072:7ptVr6si1kEZ2dcaIxHhVVmKMCqUGgOKn52eGM:77VmEk 2yX5so52eB
PEiD..: -
TrID..: File type identification
Win32 Executable Microsoft Visual Basic 6 (90.9%)
Win32 Executable Generic (6.1%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Файл test.txt получен 2009.05.27 20:52:02 (UTC)
Текущий статус: закончено
Результат: 16/40 (40%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Backdoor.PHP.Small.o!IK
AhnLab-V3 5.0.0.2 2009.05.27 HTML/Xema
AntiVir 7.9.0.168 2009.05.27 BDS/PHP.ali.1
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 BackDoor.Generic_c.BTI
BitDefender 7.2 2009.05.27 Backdoor.PHP.ALI
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 PHP.Shell-23
Comodo 1207 2009.05.27 Unclassified Malware
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Exploit:PHP/Preamble.A
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 Backdoor.PHP.ALI
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 -
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Backdoor.PHP.ali.1
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 PHP/Small.NAC
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 Backdoor.PHP.ALI
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 PHP.ShellBot.M
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 Troj/PHPBdoor-A
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 Backdoor.PHP.Small.o
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 PHP.ShellBot.M

Дополнительная информация
File size: 1165 bytes
MD5...: f1a9b4e4b207cd38641061e1b72d4775
SHA1..: 33c02179e53c19e00897fb0c63501acc0a2233e8
SHA256: 0b3eef46d7111939962db133d2e75530fbb7946d92a33195ca 6b7f2e1affe43a
ssdeep: 24:kwauoGPmXvuH6dcFTGPmXvuH6dc4H6dcZ1Mpn6+YvKsLKPX VwuHENNTh:bBoC
gMQsCgMQfQu1M5XW0SNl
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

Файл registrycleanerdoktor.exe получен 2009.05.27 20:53:04 (UTC)
Текущий статус: закончено
Результат: 5/40 (12.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.05.27 Downloader.FraudLoad!IK
AhnLab-V3 5.0.0.2 2009.05.27 -
AntiVir 7.9.0.168 2009.05.27 DR/FraudLoad.umy
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.27 -
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.27 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.27 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.27 -
eSafe 7.0.17.0 2009.05.27 -
eTrust-Vet 31.6.6524 2009.05.27 -
F-Prot 4.4.4.56 2009.05.27 -
F-Secure 8.0.14470.0 2009.05.27 Rogue:W32/FakeAlert.FK
Fortinet 3.117.0.0 2009.05.27 -
GData 19 2009.05.27 -
Ikarus T3.1.1.57.0 2009.05.27 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.27 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 Artemis!1D8CF463C1CF
McAfee-GW-Edition 6.7.6 2009.05.27 Trojan.Dropper.FraudLoad.umy
Microsoft 1.4701 2009.05.27 -
NOD32 4109 2009.05.27 -
Norman 6.01.05 2009.05.27 -
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.27 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.27 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.27 -
Sunbelt 3.2.1858.2 2009.05.27 -
Symantec 1.4.4.12 2009.05.27 -
TheHacker 6.3.4.3.332 2009.05.26 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -

Дополнительная информация
File size: 2690520 bytes
MD5...: 1d8cf463c1cfddc8692cf7d163af0cf8
SHA1..: 47fa03934acb51a0dfb50771926f94dfb80e4cf4
SHA256: 82b5ec3f2d01ea50a421d1b8c479fc710138377dd1317a3023 f331f6d07f9bc6
ssdeep: 49152:h2LKzU5cqDuf6j1eyqmPKpFMOHh61Qn1NFuVmgsH0cKa lGM9q2h66M8MMr
:kWzUTu7yhPo1oiFu4gM0ElGM9l76Y
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

Фух, все

**Shu_b** · 01.06.2009, 16:48

Апрель - Май. Что присылали, то и видим

**ALEX(XX)** · 02.06.2009, 11:10

Сегодня с утра выловил на одной рабочей станции. Зараза практически полностью нульсовая, о чём красноречиво говорит вирустотал. Это Лжеантивирус

Файл pcdefender.exe получен 2009.06.02 06:59:34 (UTC)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.06.02	-
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.01	-
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	-
AVG	8.5.0.339	2009.06.01	-
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.01	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.06.02	-
Comodo	1232	2009.06.02	-
DrWeb	5.0.0.12182	2009.05.29	-
eSafe	7.0.17.0	2009.06.01	Suspicious File
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	-
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	FakeAlert-CM
McAfee+Artemis	5633	2009.06.01	FakeAlert-CM
McAfee-GW-Edition	6.7.6	2009.05.29	Trojan.LooksLike.Dropper
Microsoft	1.4701	2009.06.02	Trojan:Win32/FakeRean
NOD32	4121	2009.06.02	-
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.01	-
Prevx	3.0	2009.06.02	Medium Risk Malware
Rising	21.32.11.00	2009.06.02	-
Sophos	4.42.0	2009.06.02	-
Sunbelt	3.2.1858.2	2009.06.02	FraudTool.Win32.RogueSecurity (v)
Symantec	1.4.4.12	2009.06.02	-
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	-
VBA32	3.12.10.6	2009.06.02	-
ViRobot	2009.6.2.1764	2009.06.02	-
VirusBuster	4.6.5.0	2009.06.01	-

Дополнительная информация
File size: 1022976 bytes
MD5...: a1d662f2d031c7d717c94a9b214c35a6
SHA1..: 2e66d58955b2e79a9deef54bff91f4ca10d2fc02
SHA256: d275db28bb974a9efaf6a75245a0e0b7a911e75171029be540 fa877b2d9f0a7d
ssdeep: - 
PEiD..: -
TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x131c timedatestamp.....: 0x44cbedc2 (Sat Jul 29 23:22:42 2006) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 0x1000 0x31275 0x31400 7.98 d29cdbeea790849b73f9f8d28e41db28 .data 0x33000 0xf2309 0xc3400 7.98 75a68078a30499fcd58983d45fc334ef .idata 0x126000 0x160 0x400 1.57 f279fb28c54087e0d2fb2cad16272365 .rsrc 0x127000 0x45bc 0x4800 6.08 df394f8265ba158a267016f61360aff3 .reloc 0x12c000 0x2cd000 0x400 0.19 9c710e752669be110de5ca6a1bfa8588 ( 1 imports ) > kernel32.dll: SetStdHandle, GetModuleHandleA, HeapAlloc, GetCommandLineW, Sleep, GetACP, VirtualProtect, ExitProcess, GetOEMCP, SetConsoleCP, GetStartupInfoA ( 0 exports ) 
PDFiD.: -
RDS...: NSRL Reference Data Set -
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=7FAA6687002AE18F9C080FCDA EAE2D008F8F81FA' target='_blank'>http://info.prevx.com/aboutprogramte...81FA</a>

**Shu_b** · 02.06.2009, 11:12

Файл sysdate.exe получен 2009.06.02 07:06:47 (UTC)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.06.02	Trojan.Win32.DNSChanger!IK
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.01	TR/Crypt.XPACK.Gen
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	Win32:Trojan-gen {Other}
AVG	8.5.0.339	2009.06.01	Win32/Heur
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.01	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.06.02	-
Comodo	1232	2009.06.02	-
DrWeb	5.0.0.12182	2009.05.29	-
eSafe	7.0.17.0	2009.06.01	Win32.TRCrypt.XPACK
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	Win32:Trojan-gen {Other}
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	-
McAfee+Artemis	5633	2009.06.01	-
McAfee-GW-Edition	6.7.6	2009.05.29	Trojan.Crypt.XPACK.Gen
Microsoft	1.4701	2009.06.02	-
NOD32	4121	2009.06.02	a variant of Win32/Kryptik.QB
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.01	-
Prevx	3.0	2009.06.02	High Risk Cloaked Malware
Rising	21.32.11.00	2009.06.02	Packer.Win32.UnkPacker.a [Suspicious]
Sophos	4.42.0	2009.06.02	-
Sunbelt	3.2.1858.2	2009.06.02	-
Symantec	1.4.4.12	2009.06.02	Trojan Horse
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	PAK_Generic.001
VBA32	3.12.10.6	2009.06.02	-
ViRobot	2009.6.2.1764	2009.06.02	-
VirusBuster	4.6.5.0	2009.06.01	-

Дополнительная информация
File size: 139264 bytes
MD5...: 98d3d45974892a4a1b13c1e6767f868a

Файл tempo-4778671.tmp получен 2009.06.02 07:15:34 (UTC)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.06.02	-
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.01	-
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	-
AVG	8.5.0.339	2009.06.01	-
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.01	-
ClamAV	0.94.1	2009.06.02	-
Comodo	1232	2009.06.02	-
DrWeb	5.0.0.12182	2009.05.29	-
eSafe	7.0.17.0	2009.06.01	-
eTrust-Vet	31.6.6534	2009.06.02	-
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	-
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	Generic Dropper.cx
McAfee+Artemis	5633	2009.06.01	Generic Dropper.cx
McAfee-GW-Edition	6.7.6	2009.05.29	Trojan.Dldr.LooksLike.CodecPack
Microsoft	1.4701	2009.06.02	-
NOD32	4121	2009.06.02	-
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.01	-
Prevx	3.0	2009.06.02	Medium Risk Malware
Rising	21.32.11.00	2009.06.02	-
Sophos	4.42.0	2009.06.02	Mal/EncPk-HW
Sunbelt	3.2.1858.2	2009.06.02	-
Symantec	1.4.4.12	2009.06.02	-
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	-
VBA32	3.12.10.6	2009.06.02	-
ViRobot	2009.6.2.1764	2009.06.02	-

Дополнительная информация
File size: 114692 bytes
MD5...: 3c79a3c1be05e1691440dba10adea21d

**ALEX(XX)** · 02.06.2009, 14:11

Файл avz00009.dta получен 2009.06.02 10:01:34 (UTC)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.06.02	Trojan-Dropper.Agent!IK
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.02	-
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	Win32:Rootkit-gen
AVG	8.5.0.339	2009.06.01	-
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.02	-
ClamAV	0.94.1	2009.06.02	-
Comodo	1232	2009.06.02	-
DrWeb	5.0.0.12182	2009.06.02	-
eSafe	7.0.17.0	2009.06.01	-
eTrust-Vet	31.6.6535	2009.06.02	-
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	Win32:Rootkit-gen 
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	-
McAfee+Artemis	5633	2009.06.01	Artemis!7D1F4957340B
McAfee-GW-Edition	6.7.6	2009.05.29	-
Microsoft	1.4701	2009.06.02	-
NOD32	4122	2009.06.02	Win32/Delf.OIJ
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.01	-
Prevx	3.0	2009.06.02	Medium Risk Malware
Rising	21.32.12.00	2009.06.02	-
Sophos	4.42.0	2009.06.02	-
Sunbelt	3.2.1858.2	2009.06.02	-
Symantec	1.4.4.12	2009.06.02	-
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	-
VBA32	3.12.10.6	2009.06.02	Win32.Delf.OIJ
ViRobot	2009.6.2.1764	2009.06.02	-
VirusBuster	4.6.5.0	2009.06.01	-

урожайный день...

**Shu_b** · 02.06.2009, 16:30

File kb78415.dll received on 2009.06.02 12:25:06 (UTC)

Код:

Antivirus	Version	Last Update	Result
a-squared	4.0.0.101	2009.06.02	Trojan.Win32.FakeXPA!IK
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.02	TR/Crypt.XPACK.Gen
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	-
AVG	8.5.0.339	2009.06.02	-
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.02	-
ClamAV	0.94.1	2009.06.02	-
Comodo	1233	2009.06.02	-
DrWeb	5.0.0.12182	2009.06.02	-
eSafe	7.0.17.0	2009.06.01	-
eTrust-Vet	31.6.6535	2009.06.02	-
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	-
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	-
McAfee+Artemis	5633	2009.06.01	-
McAfee-GW-Edition	6.7.6	2009.05.29	Trojan.Crypt.XPACK.Gen
Microsoft	1.4701	2009.06.02	-
NOD32	4122	2009.06.02	-
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.02	-
Prevx	3.0	2009.06.02	-
Rising	21.32.13.00	2009.06.02	Packer.Win32.Mian007.a
Sophos	4.42.0	2009.06.02	-
Sunbelt	3.2.1858.2	2009.06.02	-
Symantec	1.4.4.12	2009.06.02	-
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	-
VBA32	3.12.10.6	2009.06.02	-
ViRobot	2009.6.2.1765	2009.06.02	-
VirusBuster	4.6.5.0	2009.06.01	-

Additional information
File size: 22528 bytes
MD5...: bd73b5d9578bea5e4a2a863538e508e6

File kb78415.exe received on 2009.06.02 12:25:10 (UTC)

Код:

Antivirus	Version	Last Update	Result
a-squared	4.0.0.101	2009.06.02	Trojan-Spy.Win32.Banbra!IK
AhnLab-V3	5.0.0.2	2009.06.02	-
AntiVir	7.9.0.180	2009.06.02	TR/Crypt.XPACK.Gen
Antiy-AVL	2.0.3.1	2009.06.02	-
Authentium	5.1.2.4	2009.06.02	-
Avast	4.8.1335.0	2009.06.01	-
AVG	8.5.0.339	2009.06.02	-
BitDefender	7.2	2009.06.02	-
CAT-QuickHeal	10.00	2009.06.02	-
ClamAV	0.94.1	2009.06.02	-
Comodo	1233	2009.06.02	-
DrWeb	5.0.0.12182	2009.06.02	-
eSafe	7.0.17.0	2009.06.01	-
eTrust-Vet	31.6.6535	2009.06.02	-
F-Prot	4.4.4.56	2009.06.02	-
F-Secure	8.0.14470.0	2009.06.02	-
Fortinet	3.117.0.0	2009.06.02	-
GData	19	2009.06.02	-
Ikarus	T3.1.1.57.0	2009.06.02	-
K7AntiVirus	7.10.749	2009.05.29	-
Kaspersky	7.0.0.125	2009.06.02	-
McAfee	5633	2009.06.01	-
McAfee+Artemis	5633	2009.06.01	Artemis!25B799D2FFF3
McAfee-GW-Edition	6.7.6	2009.05.29	Trojan.Crypt.XPACK.Gen
Microsoft	1.4701	2009.06.02	-
NOD32	4122	2009.06.02	-
Norman	6.01.05	2009.06.01	-
nProtect	2009.1.8.0	2009.06.02	-
Panda	10.0.0.14	2009.06.01	-
PCTools	4.4.2.0	2009.06.02	-
Prevx	3.0	2009.06.02	High Risk Worm
Rising	21.32.13.00	2009.06.02	Packer.Win32.Mian007.a
Sophos	4.42.0	2009.06.02	Mal/Generic-A
Sunbelt	3.2.1858.2	2009.06.02	-
Symantec	1.4.4.12	2009.06.02	-
TheHacker	6.3.4.3.335	2009.06.01	-
TrendMicro	8.950.0.1092	2009.06.02	-
VBA32	3.12.10.6	2009.06.02	-
ViRobot	2009.6.2.1765	2009.06.02	-
VirusBuster	4.6.5.0	2009.06.01	-

Additional information
File size: 59904 bytes
MD5...: 25b799d2fff302caf44e81fb1527a39b

**senyak** · 03.06.2009, 00:31

Файл foto25.gif получен 2009.06.02 20:25:32 (UTC)
Текущий статус: закончено
Результат: 7/40 (17.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.06.02 -
AhnLab-V3 5.0.0.2 2009.06.02 -
AntiVir 7.9.0.180 2009.06.02 HEUR/Crypted.E
Antiy-AVL 2.0.3.1 2009.06.02 -
Authentium 5.1.2.4 2009.06.02 -
Avast 4.8.1335.0 2009.06.01 -
AVG 8.5.0.339 2009.06.02 Win32/Heur
BitDefender 7.2 2009.06.02 -
CAT-QuickHeal 10.00 2009.06.02 -
ClamAV 0.94.1 2009.06.02 -
Comodo 1239 2009.06.02 -
DrWeb 5.0.0.12182 2009.06.02 -
eSafe 7.0.17.0 2009.06.02 -
eTrust-Vet 31.6.6535 2009.06.02 -
F-Prot 4.4.4.56 2009.06.02 -
F-Secure 8.0.14470.0 2009.06.02 -
Fortinet 3.117.0.0 2009.06.02 -
GData 19 2009.06.02 -
Ikarus T3.1.1.57.0 2009.06.02 -
K7AntiVirus 7.10.752 2009.06.02 -
Kaspersky 7.0.0.125 2009.06.02 Trojan-Dropper.Win32.Smser.be
McAfee 5634 2009.06.02 -
McAfee+Artemis 5634 2009.06.02 Artemis!B7A14B281AA2
McAfee-GW-Edition 6.7.6 2009.05.29 Win32.Malware.gen!82 (suspicious)
Microsoft 1.4701 2009.06.02 VirTool:Win32/Obfuscator.FL
NOD32 4124 2009.06.02 -
Norman 6.01.05 2009.06.02 -
nProtect 2009.1.8.0 2009.06.02 -
Panda 10.0.0.14 2009.06.02 -
PCTools 4.4.2.0 2009.06.02 -
Prevx 3.0 2009.06.02 -
Rising 21.32.14.00 2009.06.02 Packer.Win32.UnkPacker.a [Suspicious]
Sophos 4.42.0 2009.06.02 -
Sunbelt 3.2.1858.2 2009.06.02 -
Symantec 1.4.4.12 2009.06.02 -
TheHacker 6.3.4.3.337 2009.06.02 -
TrendMicro 8.950.0.1092 2009.06.02 -
VBA32 3.12.10.6 2009.06.02 -
ViRobot 2009.6.2.1765 2009.06.02 -
VirusBuster 4.6.5.0 2009.06.02 -

Дополнительная информация
File size: 242688 bytes
MD5...: b7a14b281aa2317a43f5913c0298839e
SHA1..: 5c8a8caed91c640860bca54cb71e10f89bd3411b
SHA256: 46b7ce26146f8a4eff7694b527dc8a30290b5105863ce6e28f 96f6a343b5c5a2
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.3%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

**mseryoga** · 03.06.2009, 22:41

Файл imerto.exe получен 2009.06.03 17:37:31 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.06.03 -
AhnLab-V3 5.0.0.2 2009.06.03 Dropper/Xema.22016.AH
AntiVir 7.9.0.180 2009.06.03 -
Antiy-AVL 2.0.3.1 2009.06.03 -
Authentium 5.1.2.4 2009.06.03 -
Avast 4.8.1335.0 2009.06.02 -
AVG 8.5.0.339 2009.06.03 -
BitDefender 7.2 2009.06.03 MemScan:Trojan.Generic.1857123
CAT-QuickHeal 10.00 2009.06.03 -
ClamAV 0.94.1 2009.06.03 -
Comodo 1248 2009.06.03 -
DrWeb 5.0.0.12182 2009.06.03 -
eSafe 7.0.17.0 2009.06.03 Suspicious File
eTrust-Vet 31.6.6537 2009.06.03 -
F-Prot 4.4.4.56 2009.06.03 -
F-Secure 8.0.14470.0 2009.06.03 -
Fortinet 3.117.0.0 2009.06.03 -
GData 19 2009.06.03 MemScan:Trojan.Generic.1857123
Ikarus T3.1.1.59.0 2009.06.03 -
K7AntiVirus 7.10.752 2009.06.02 -
Kaspersky 7.0.0.125 2009.06.03 -
McAfee 5635 2009.06.03 -
McAfee+Artemis 5635 2009.06.03 -
McAfee-GW-Edition 6.7.6 2009.06.03 -
Microsoft 1.4701 2009.06.03 -
NOD32 4128 2009.06.03 -
Norman 6.01.09 2009.06.03 -
nProtect 2009.1.8.0 2009.06.03 -
Panda 10.0.0.14 2009.06.03 -
PCTools 4.4.2.0 2009.06.02 -
Prevx 3.0 2009.06.03 -
Rising 21.32.24.00 2009.06.03 -
Sophos 4.42.0 2009.06.03 -
Sunbelt 3.2.1858.2 2009.06.03 -
Symantec 1.4.4.12 2009.06.03 -
TheHacker 6.3.4.3.338 2009.06.03 -
TrendMicro 8.950.0.1092 2009.06.03 PAK_Generic.001
VBA32 3.12.10.6 2009.06.02 -
ViRobot 2009.6.3.1767 2009.06.03 -

Дополнительная информация
File size: 24576 bytes
MD5...: 0ef0a1b5a4c2cb6fea48483cad3f0edd
SHA1..: ab56b3797530e36eb67fda5189572575bd5fa42b
SHA256: b1bf3dab51354160ddc559c6112bdf9728c33e1bd250cbf38e b8de78d221a5ce
ssdeep: -
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xe070
timedatestamp.....: 0x498d2b24 (Sat Feb 07 06:33:08 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xa000 0x5000 0x4e00 7.84 65b70b6ce4e628e9ffd2a6fd4e11a932
.rsrc 0xf000 0x1000 0x1000 4.03 0b9a77dac0dd72b3f540ad5b92609895

( 7 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> COMCTL32.dll: InitCommonControls
> GDI32.dll: SetBkColor
> MSVCRT.dll: memset
> OLE32.dll: CoInitialize
> SHELL32.dll: ShellExecuteExA
> USER32.dll: IsChild

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): UPX
packers (F-Prot): UPX_LZMA

**ZhIV** · 04.06.2009, 11:26

Файл comres.dll получен 2009.06.04 07

12 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.06.04 Generic.Onlinegames!IK
AhnLab-V3 5.0.0.2 2009.06.04 -
AntiVir 7.9.0.180 2009.06.04 TR/Hijacker.Gen
Antiy-AVL 2.0.3.1 2009.06.03 -
Authentium 5.1.2.4 2009.06.03 W32/OnlineGames.CA.gen!Eldorado
Avast 4.8.1335.0 2009.06.03 Win32:Agent-ACMH
AVG 8.5.0.339 2009.06.03 PSW.Generic7.KYC
BitDefender 7.2 2009.06.04 Generic.Onlinegames.14.07458B75
CAT-QuickHeal 10.00 2009.06.03 -
ClamAV 0.94.1 2009.06.04 -
Comodo 1253 2009.06.04 -
DrWeb 5.0.0.12182 2009.06.04 -
eSafe 7.0.17.0 2009.06.03 Suspicious File
eTrust-Vet 31.6.6538 2009.06.04 -
F-Prot 4.4.4.56 2009.06.03 W32/OnlineGames.CA.gen!Eldorado
F-Secure 8.0.14470.0 2009.06.04 Trojan-GameThief.Win32.Magania.bfdp
Fortinet 3.117.0.0 2009.06.04 W32/OnLineGames.HTE!tr.pws
GData 19 2009.06.04 Generic.Onlinegames.14.07458B75
Ikarus T3.1.1.59.0 2009.06.04 -
K7AntiVirus 7.10.752 2009.06.02 -
Kaspersky 7.0.0.125 2009.06.04 Trojan-GameThief.Win32.Magania.bfdp
McAfee 5635 2009.06.03 PWS-OnlineGames.ek
McAfee+Artemis 5635 2009.06.03 PWS-OnlineGames.ek
McAfee-GW-Edition 6.7.6 2009.06.04 Trojan.Hijacker.Gen
Microsoft 1.4701 2009.06.04 PWS:Win32/OnLineGames.DH
NOD32 4129 2009.06.04 a variant of Win32/PSW.OnLineGames.NRD
Norman 6.01.09 2009.06.03 -
nProtect 2009.1.8.0 2009.06.04 Trojan/W32.Agent.226916
Panda 10.0.0.14 2009.06.03 -
PCTools 4.4.2.0 2009.06.02 -
Prevx 3.0 2009.06.04 High Risk Fraudulent Security Program
Rising 21.32.31.00 2009.06.04 Trojan.PSW.Win32.GameOnline.djj
Sophos 4.42.0 2009.06.04 Mal/Emogen-R
Sunbelt 3.2.1858.2 2009.06.03 Trojan.Win32.Magania.gen (v)
Symantec 1.4.4.12 2009.06.04 Infostealer.Gampass
TheHacker 6.3.4.3.339 2009.06.03 -
TrendMicro 8.950.0.1092 2009.06.04 Mal_OLGM-23
VBA32 3.12.10.6 2009.06.03 -
ViRobot 2009.6.4.1768 2009.06.04 -
VirusBuster 4.6.5.0 2009.06.03 Trojan.OnlineGames.Gen.119

Дополнительная информация
File size: 226916 bytes
MD5...: c8d58868be435f7a807c3521de699586
SHA1..: b5d06fce40afcf5c5518083fa9e1be4b12229227
SHA256: 830ed03990bf4689b8c66d23de82b9d9bf1d9047092d56d6e1 b649c1034217a1
ssdeep: - 
PEiD..: -

**vlad179** · 06.06.2009, 20:47

Свежая зараза, с утра толком никто не знал, сейчас есть подтверждение от Касперского Trojan.JS.Agent.ahl

all.js 2009.06.06 06:11:51 (UTC)

a-squared 4.0.0.101 2009.06.04 -
AhnLab-V3 5.0.0.2 2009.06.05 -
AntiVir 7.9.0.180 2009.06.05 HTML/Crypted.Gen
Antiy-AVL 2.0.3.1 2009.06.05 -
Authentium 5.1.2.4 2009.06.05 -
Avast 4.8.1335.0 2009.06.05 -
AVG 8.5.0.339 2009.06.05 -
BitDefender 7.2 2009.06.06 -
CAT-QuickHeal 10.00 2009.06.05 -
ClamAV 0.94.1 2009.06.06 -
Comodo 1270 2009.06.06 -
DrWeb 5.0.0.12182 2009.06.06 -
eSafe 7.0.17.0 2009.06.04 -
eTrust-Vet 31.6.6542 2009.06.05 -
F-Prot 4.4.4.56 2009.06.05 -
F-Secure 8.0.14470.0 2009.06.05 -
Fortinet 3.117.0.0 2009.06.06 -
GData 19 2009.06.06 -
Ikarus T3.1.1.59.0 2009.06.06 -
K7AntiVirus 7.10.754 2009.06.04 -
Kaspersky 7.0.0.125 2009.06.06 -
McAfee 5637 2009.06.05 -
McAfee+Artemis 5637 2009.06.05 -
McAfee-GW-Edition 6.7.6 2009.06.05 Heuristic.Script.Crypted
Microsoft 1.4701 2009.06.06 -
NOD32 4134 2009.06.05 -
Norman 6.01.09 2009.06.05 -
nProtect 2009.1.8.0 2009.06.06 -
Panda 10.0.0.14 2009.06.05 -
PCTools 4.4.2.0 2009.06.05 -
Prevx 3.0 2009.06.06 -
Rising 21.32.50.00 2009.06.06 -
Sophos 4.42.0 2009.06.06 -
Sunbelt 3.2.1858.2 2009.06.06 -
Symantec 1.4.4.12 2009.06.06 -
TheHacker 6.3.4.3.340 2009.06.05 -
TrendMicro 8.950.0.1092 2009.06.05 -
VBA32 3.12.10.6 2009.06.06 -
ViRobot 2009.6.5.1771 2009.06.05 -
VirusBuster 4.6.5.0 2009.06.05 -

File size: 5402 bytes
MD5...: 03702f59c147f4f05889837693ea6734
SHA1..: e7ebe562cef9d0ad8a2a6d8293e6521cdcbe3515
SHA256: 8d2243f889bf9a457928e431fc9a03f7544d941ff63c914d02 6fae26fbf1574b
ssdeep: - 
PEiD..: -
TrID..: File type identification file seems to be plain text/ASCII (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set -

**Black Angel** · 07.06.2009, 18:41

Файл lsasss.exe получен 2009.06.07 14:23:42 (UTC)
Результат: 4/38 (10.53%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.06.04 -
AhnLab-V3 5.0.0.2 2009.06.07 -
AntiVir 7.9.0.180 2009.06.06 -
Antiy-AVL 2.0.3.1 2009.06.05 -
Authentium 5.1.2.4 2009.06.06 -
Avast 4.8.1335.0 2009.06.06 -
AVG 8.5.0.339 2009.06.07 -
BitDefender 7.2 2009.06.07 -
CAT-QuickHeal 10.00 2009.06.06 -
ClamAV 0.94.1 2009.06.07 -
Comodo 1279 2009.06.07 -
DrWeb 5.0.0.12182 2009.06.07 Trojan.Fakealert.4305
eSafe 7.0.17.0 2009.06.07 -
eTrust-Vet 31.6.6542 2009.06.05 -
F-Prot 4.4.4.56 2009.06.06 -
F-Secure 8.0.14470.0 2009.06.05 -
Fortinet 3.117.0.0 2009.06.07 -
GData 19 2009.06.07 -
Ikarus T3.1.1.59.0 2009.06.07 -
K7AntiVirus 7.10.754 2009.06.04 -
Kaspersky 7.0.0.125 2009.06.07 -
McAfee 5638 2009.06.06 -
McAfee+Artemis 5638 2009.06.06 -
McAfee-GW-Edition 6.7.6 2009.06.07 Trojan.LooksLike.BurnInHell
Microsoft 1.4701 2009.06.07 Trojan:Win32/FakeXPA
NOD32 4136 2009.06.07 -
Norman 6.01.09 2009.06.05 -
nProtect 2009.1.8.0 2009.06.07 -
Panda 10.0.0.14 2009.06.07 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.07 Medium Risk Malware
Rising 21.32.62.00 2009.06.07 -
Sophos 4.42.0 2009.06.07 -
Sunbelt 3.2.1858.2 2009.06.06 -
Symantec 1.4.4.12 2009.06.07 -
TrendMicro 8.950.0.1092 2009.06.06 -
VBA32 3.12.10.6 2009.06.06 -
ViRobot 2009.6.5.1771 2009.06.05 -

Дополнительная информация
File size: 147456 bytes
MD5   : 7d96921eebcc78ba717cfeb4e1dbdf3b
SHA1  : 990d50214c6e3dc660830dce4f2720ae8cd7122e
SHA256: 6a4547ca8aa3634633a23ec4578ab4aa982f54deea263b6723 78b7b5896ba5b9

**senyak** · 09.06.2009, 08:49

Файл codec.exe получен 2009.06.09 04:32:51 (UTC)
Текущий статус: закончено
Результат: 12/39 (30.77%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.18 2009.06.09 -
AhnLab-V3 5.0.0.2 2009.06.08 -
AntiVir 7.9.0.180 2009.06.08 -
Antiy-AVL 2.0.3.1 2009.06.08 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.08 SHeur2.AKFZ
BitDefender 7.2 2009.06.09 Gen:Trojan.Heur.6025DA8FFE
CAT-QuickHeal 10.00 2009.06.09 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.06.08 -
Comodo 1289 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 -
eSafe 7.0.17.0 2009.06.07 Suspicious File
eTrust-Vet 31.6.6548 2009.06.08 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.08 -
Fortinet 3.117.0.0 2009.06.08 -
GData 19 2009.06.09 Gen:Trojan.Heur.6025DA8FFE
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 Trojan-Downloader.Win32.CodecPack.hze
McAfee 5640 2009.06.08 FakeAlert-CM
McAfee+Artemis 5640 2009.06.08 FakeAlert-CM
McAfee-GW-Edition 6.7.6 2009.06.09 -
Microsoft 1.4701 2009.06.08 -
NOD32 4139 2009.06.08 a variant of Win32/Kryptik.SM
Norman 6.01.09 2009.06.08 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.08 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.09 Medium Risk Malware Downloader
Rising 21.33.10.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 Mal/EncPk-HH
Sunbelt 3.2.1858.2 2009.06.09 VIPRE.Suspicious
Symantec 1.4.4.12 2009.06.09 -
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1774 2009.06.09 -

Дополнительная информация
File size: 109571 bytes
MD5...: 6f518582e2159c94d9eb755878191c5a
SHA1..: 900488b5473f84df5885e201bf2445e7dfc9a926
SHA256: 3cbadaf4d3ab86349460a35eaab5c3a096494aef06d56c5427 0c546fa430c462
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Файл install.48108.exe получен 2009.06.09 04:33:46 (UTC)
Текущий статус: закончено
Результат: 17/40 (42.5%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.18 2009.06.09 Trojan-Downloader.Win32.CodecPack!IK
AhnLab-V3 5.0.0.2 2009.06.08 -
AntiVir 7.9.0.180 2009.06.08 TR/Dldr.CodecPack.hza.15
Antiy-AVL 2.0.3.1 2009.06.08 Trojan/Win32.CodecPack
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.08 Downloader.Zlob.ANDE
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 -
ClamAV 0.94.1 2009.06.08 -
Comodo 1289 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 Trojan.DownLoad.38156
eSafe 7.0.17.0 2009.06.07 -
eTrust-Vet 31.6.6548 2009.06.08 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.08 Trojan-Downloader.Win32.CodecPack.hza
Fortinet 3.117.0.0 2009.06.08 W32/BQI.HZA!tr.dldr
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 Trojan-Downloader.Win32.CodecPack.hza
McAfee 5640 2009.06.08 Downloader-BQI
McAfee+Artemis 5640 2009.06.08 Downloader-BQI
McAfee-GW-Edition 6.7.6 2009.06.09 Trojan.Dldr.CodecPack.hza.15
Microsoft 1.4701 2009.06.08 TrojanDownloader:Win32/Renos.IP
NOD32 4139 2009.06.08 Win32/TrojanDownloader.FakeAlert.ACE
Norman 6.01.09 2009.06.08 W32/DLoader.OWME
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.08 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.09 Medium Risk Malware
Rising 21.33.10.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 -
Sunbelt 3.2.1858.2 2009.06.09 -
Symantec 1.4.4.12 2009.06.09 Downloader.MisleadApp
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 TROJ_CODECPAC.AM
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1774 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -

Дополнительная информация
File size: 96253 bytes
MD5...: 53d1428bfcd60491aa9421cdb0b8b5cd
SHA1..: 8e33282c77a6f1ce5882335b7298958140c5a79c
SHA256: 30cad740bb15d3834eca7b65acc5d39611480d698aa50c8dfb e296ad578ea80e
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

Файл softwarefortubeview.45013.exe получен 2009.06.09 04:39:17 (UTC)
Текущий статус: закончено
Результат: 7/40 (17.5%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.18 2009.06.09 -
AhnLab-V3 5.0.0.2 2009.06.08 -
AntiVir 7.9.0.180 2009.06.08 -
Antiy-AVL 2.0.3.1 2009.06.08 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.08 Generic13.BECY
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 -
ClamAV 0.94.1 2009.06.08 -
Comodo 1289 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 -
eSafe 7.0.17.0 2009.06.07 -
eTrust-Vet 31.6.6548 2009.06.08 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.08 -
Fortinet 3.117.0.0 2009.06.08 -
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 Trojan-Downloader.Win32.FraudLoad.epc
McAfee 5640 2009.06.08 Downloader-BQI
McAfee+Artemis 5640 2009.06.08 Downloader-BQI
McAfee-GW-Edition 6.7.6 2009.06.09 -
Microsoft 1.4701 2009.06.08 -
NOD32 4139 2009.06.08 -
Norman 6.01.09 2009.06.08 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.08 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.09 High Risk Cloaked Malware
Rising 21.33.10.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 Mal/FakeAV-AY
Sunbelt 3.2.1858.2 2009.06.09 -
Symantec 1.4.4.12 2009.06.09 Trojan.Zlob
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1774 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -

Дополнительная информация
File size: 80073 bytes
MD5...: 465502cf982f73cc36fcb489fe842db8
SHA1..: 6de7c78be853ef4962e4df29e7eaf799c866cd97
SHA256: e8f4d8bd8ee4f75c36d99c8a2ae12d5130ea5c2e1a1531e984 cefcc874c8b6af
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)

Файл tmp62.exe получен 2009.06.09 04:39:25 (UTC)
Текущий статус: закончено
Результат: 12/40 (30%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.18 2009.06.09 Trojan.Win32.Tdss!IK
AhnLab-V3 5.0.0.2 2009.06.08 -
AntiVir 7.9.0.180 2009.06.08 SPR/Tool.Obfuscator.ET.5
Antiy-AVL 2.0.3.1 2009.06.08 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.08 Injector.EH
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 -
ClamAV 0.94.1 2009.06.08 -
Comodo 1289 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 BackDoor.Tdss.235
eSafe 7.0.17.0 2009.06.07 Suspicious File
eTrust-Vet 31.6.6548 2009.06.08 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.08 Trojan.Win32.TDSS.agmf
Fortinet 3.117.0.0 2009.06.08 -
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 Trojan.Win32.TDSS.agmf
McAfee 5640 2009.06.08 -
McAfee+Artemis 5640 2009.06.08 Artemis!8210F79EBBB7
McAfee-GW-Edition 6.7.6 2009.06.09 Riskware.Tool.Obfuscator.ET.5
Microsoft 1.4701 2009.06.08 VirTool:Win32/Obfuscator.ET
NOD32 4139 2009.06.08 a variant of Win32/Kryptik.RQ
Norman 6.01.09 2009.06.08 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.08 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.09 Medium Risk Malware
Rising 21.33.10.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 -
Sunbelt 3.2.1858.2 2009.06.09 -
Symantec 1.4.4.12 2009.06.09 -
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1774 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -

Дополнительная информация
File size: 91648 bytes
MD5...: 8210f79ebbb7fb95ca735b8a25b164f1
SHA1..: b4b3bd927efe143f117b2afbb084d4958932b4de
SHA256: a958cac8bb97344b1153582cfbb6b54746b6f0ce7762a71063 2c3d1708201fe9
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Файл pcdef.exe получен 2009.06.09 04:41:40 (UTC)
Текущий статус: закончено
Результат: 11/40 (27.5%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.18 2009.06.09 -
AhnLab-V3 5.0.0.2 2009.06.08 -
AntiVir 7.9.0.180 2009.06.08 -
Antiy-AVL 2.0.3.1 2009.06.08 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.08 -
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.06.09 -
Comodo 1289 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 Trojan.Fakealert.4128
eSafe 7.0.17.0 2009.06.07 Suspicious File
eTrust-Vet 31.6.6548 2009.06.08 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.08 -
Fortinet 3.117.0.0 2009.06.08 Misc/FakeAlert
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 -
McAfee 5640 2009.06.08 FakeAlert-CM
McAfee+Artemis 5640 2009.06.08 FakeAlert-CM
McAfee-GW-Edition 6.7.6 2009.06.09 Trojan.LooksLike.Dropper
Microsoft 1.4701 2009.06.08 -
NOD32 4139 2009.06.08 Win32/Adware.WinPCDefender
Norman 6.01.09 2009.06.08 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.08 -
PCTools 4.4.2.0 2009.06.06 -
Prevx 3.0 2009.06.09 Medium Risk Malware
Rising 21.33.10.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.06.09 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.06.09 -
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1774 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -

Дополнительная информация
File size: 1022976 bytes
MD5...: 30a043aacec88b00e78686c239961661
SHA1..: 1ed15d677d19ab9c7a4244f767bf9b0b973b7ce7
SHA256: b9be93c3c37292cc26207a155f413118be21ccecfd3a517727 62056196d2dced
ssdeep: -
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

Исследование антивирусов 7

Опции темы

Похожие темы

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 4

Исследование антивирусов 3

Исследование антивирусов 2

Метки для этой темы

Ваши права в разделе