Исследование антивирусов 7

**Surfer** · 16.07.2009, 20:21

File SecureZIP.12.2.exe received on 2009.07.16 15:43:22 (UTC)
Result: 13/41 (31.71%)

a-squared 4.5.0.24 2009.07.16 Trojan.Win32.Alureon!IK
AhnLab-V3 5.0.0.2 2009.07.16 -
AntiVir 7.9.0.215 2009.07.16 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
Avast 4.8.1335.0 2009.07.16 NSIS:Fasec-AR
AVG 8.5.0.387 2009.07.16 -
BitDefender 7.2 2009.07.16 -
CAT-QuickHeal 10.00 2009.07.16 -
ClamAV 0.94.1 2009.07.16 -
Comodo 1671 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
eSafe 7.0.17.0 2009.07.16 Suspicious File
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
F-Secure 8.0.14470.0 2009.07.16 Packed.Win32.Tdss.w
Fortinet 3.120.0.0 2009.07.16 -
GData 19 2009.07.16 NSIS:Fasec-AR
Ikarus T3.1.1.64.0 2009.07.16 Trojan.Win32.Alureon
Jiangmin 11.0.800 2009.07.16 Trojan/TDSS.daa
K7AntiVirus 7.10.793 2009.07.15 -
Kaspersky 7.0.0.125 2009.07.16 -
McAfee 5677 2009.07.15 -
McAfee+Artemis 5677 2009.07.15 -
McAfee-GW-Edition 6.8.5 2009.07.16 Trojan.Dropper.Gen
Microsoft 1.4803 2009.07.16 Trojan:Win32/Alureon.gen!J
NOD32 4250 2009.07.16 a variant of Win32/Kryptik.YR
Norman 6.01.09 2009.07.16 -
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.15 -
PCTools 4.4.2.0 2009.07.16 -
Prevx 3.0 2009.07.16 Medium Risk Malware
Rising 21.38.34.00 2009.07.16 -
Sophos 4.43.0 2009.07.16 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.07.16 -
Symantec 1.4.4.12 2009.07.16 -
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.16 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.16.1839 2009.07.16 -
VirusBuster 4.6.5.0 2009.07.16 -

http://www.virustotal.com/analisis/f...1bd-1247759002

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**ALEX(XX)** · 16.07.2009, 21:51

File sdra64.exe received on 2009.07.16 17:41:52 (UTC)

Код:

Antivirus	Version	Last Update	Result
a-squared	4.5.0.24	2009.07.16	-
AhnLab-V3	5.0.0.2	2009.07.16	-
AntiVir	7.9.0.220	2009.07.16	TR/Crypt.ZPACK.Gen
Antiy-AVL	2.0.3.7	2009.07.16	-
Authentium	5.1.2.4	2009.07.16	-
Avast	4.8.1335.0	2009.07.16	Win32:MalOb-A
AVG	8.5.0.387	2009.07.16	Win32/Cryptor
BitDefender	7.2	2009.07.16	Gen:Trojan.Heur.Hype.90A35C5C5C
CAT-QuickHeal	10.00	2009.07.16	-
ClamAV	0.94.1	2009.07.16	-
Comodo	1672	2009.07.16	-
DrWeb	5.0.0.12182	2009.07.16	-
eSafe	7.0.17.0	2009.07.16	-
eTrust-Vet	31.6.6617	2009.07.15	-
F-Prot	4.4.4.56	2009.07.16	-
F-Secure	8.0.14470.0	2009.07.16	Trojan-Spy.Win32.Zbot.gen
Fortinet	3.120.0.0	2009.07.16	-
GData	19	2009.07.16	Gen:Trojan.Heur.Hype.90A35C5C5C
Ikarus	T3.1.1.64.0	2009.07.16	-
Jiangmin	11.0.800	2009.07.16	-
K7AntiVirus	7.10.794	2009.07.16	Trojan-Spy.Win32.Zbot.gen
Kaspersky	7.0.0.125	2009.07.16	Trojan-Spy.Win32.Zbot.gen
McAfee	5678	2009.07.16	-
McAfee+Artemis	5678	2009.07.16	-
McAfee-GW-Edition	6.8.5	2009.07.16	Trojan.Crypt.ZPACK.Gen
Microsoft	1.4803	2009.07.16	PWS:Win32/Zbot.gen!R
NOD32	4250	2009.07.16	a variant of Win32/Kryptik.TL
Norman	6.01.09	2009.07.16	W32/Zbot.ESV
nProtect	2009.1.8.0	2009.07.16	-
Panda	10.0.0.14	2009.07.16	-
PCTools	4.4.2.0	2009.07.16	-
Prevx	3.0	2009.07.16	-
Rising	21.38.34.00	2009.07.16	-
Sophos	4.43.0	2009.07.16	Mal/Zbot-O
Sunbelt	3.2.1858.2	2009.07.16	Trojan-Spy.Win32.Zbot.gen (v)
Symantec	1.4.4.12	2009.07.16	Packed.Generic.232
TheHacker	6.3.4.3.368	2009.07.15	-
TrendMicro	8.950.0.1094	2009.07.16	-
VBA32	3.12.10.8	2009.07.15	-
ViRobot	2009.7.16.1839	2009.07.16	-
VirusBuster	4.6.5.0	2009.07.16	-

Код:

Additional information
File size: 156160 bytes
MD5...: f7cd54f260e52fb08dc7f38db11bb34a
SHA1..: 99c40ae7bdaa1d287178a6bb713281d543369a54
SHA256: 748ac452367616eb940189dee2caba47d7030f3ebf4151972a55da6b309d462e
ssdeep: 3072:VMrS7qraRKxp/0mrAu6hwImYKmAJOIN39+wYC6LdiBxrBQv4naihOvE25:S<BR>MKxWmrAthwIU7OINt+QNxr+7vEi<BR>
PEiD..: -
TrID..: File type identification<BR>Win32 Executable Generic (42.3%)<BR>Win32 Dynamic Link Library (generic) (37.6%)<BR>Generic Win/DOS Executable (9.9%)<BR>DOS Executable Generic (9.9%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x8787<BR>timedatestamp.....: 0x48defc33 (Sun Sep 28 03:38:27 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0xea70 0xec00 7.27 b197c185c06657282ce7f4e6a071c866<BR>.rdata 0x10000 0x13a8 0x1400 5.63 55a5cbaae3794760187605f491e46a6d<BR>.data 0x12000 0x40af 0x200 2.23 aad0214b1ece39af48ce1dfb9d061b14<BR><BR>( 4 imports ) <BR>&gt; ADVAPI32.dll: StartServiceCtrlDispatcherW, RegEnumKeyExA, GetAuditedPermissionsFromAclA, RegGetKeySecurity, FreeSid, InitiateSystemShutdownA, CryptContextAddRef, SetNamedSecurityInfoExW, GetCurrentHwProfileW, LookupAccountSidA, LookupAccountNameW, RegLoadKeyW, RegisterEventSourceW, BuildTrusteeWithSidW, DuplicateTokenEx, RegSaveKeyW, QueryServiceConfigA, CryptCreateHash, LookupAccountNameA, GetMultipleTrusteeA, SetFileSecurityW, CloseServiceHandle, MakeAbsoluteSD, CryptAcquireContextA, AccessCheck, RegSetKeySecurity, AccessCheckAndAuditAlarmW, RegOpenKeyExW, GetSecurityDescriptorLength, LookupSecurityDescriptorPartsW, ConvertSecurityDescriptorToAccessA, RegConnectRegistryA, SetAclInformation, OpenEventLogW, GetFileSecurityA, RegCloseKey, RegQueryValueExA, RegQueryMultipleValuesW, RegDeleteKeyA, SetNamedSecurityInfoExA<BR>&gt; KERNEL32.dll: GetProcessHeap, GetDefaultCommConfigA, GetProcessShutdownParameters, Module32Next, Thread32Next, lstrcmp, GetTempPathW, LCMapStringW, ConvertDefaultLocale, GetThreadContext, ReadConsoleInputA, TransmitCommChar, GetCPInfoExW, LocalAlloc, SetTapeParameters, SetThreadPriorityBoost, SetThreadContext, GetFileAttributesA, WaitNamedPipeA, FillConsoleOutputCharacterW, SetComputerNameW, CreateIoCompletionPort, CompareFileTime, PeekNamedPipe, FindResourceExW, CreateWaitableTimerA, CreateFileA, MoveFileW, LocalFree, GetPrivateProfileStructA, FatalAppExitW, OpenWaitableTimerA, EraseTape, WaitForSingleObjectEx, WaitForSingleObject, WriteFile, EnumDateFormatsExW, FoldStringA, VirtualProtect, VirtualAlloc<BR>&gt; SHLWAPI.dll: PathIsUNCW, SHRegDuplicateHKey, SHDeleteEmptyKeyW, SHIsLowMemoryMachine, SHAutoComplete, StrStrA, UrlUnescapeW, PathCanonicalizeA, UrlGetLocationA, PathAddExtensionA, PathIsSameRootA, PathMatchSpecW, StrChrA, SHRegEnumUSKeyA, PathAddExtensionW, PathFindSuffixArrayW, SHGetThreadRef, PathFileExistsA, PathGetCharTypeA, PathGetCharTypeW, StrSpnA, PathFindExtensionA, PathUndecorateA, SHRegSetUSValueA, PathParseIconLocationW, UrlCombineA, wnsprintfA, PathIsUNCServerA, IntlStrEqWorkerA, SHRegQueryInfoUSKeyW, PathMakeSystemFolderW, PathRenameExtensionA, UrlUnescapeA, SHRegGetBoolUSValueA, SHCopyKeyW, PathCombineA, PathGetDriveNumberW, PathIsDirectoryW, SHRegEnumUSKeyW, SHRegEnumUSValueA, PathCommonPrefixA, SHRegDeleteUSValueA, StrRChrIW, PathGetArgsA, StrPBrkA, PathFindExtensionW, UrlEscapeW, PathIsUNCServerShareA, PathBuildRootA, PathIsDirectoryEmptyA, PathMakeSystemFolderA, PathIsContentTypeW, PathIsRelativeA<BR>&gt; ole32.dll: UtGetDvtd16Info, OleRegGetUserType, CoUnmarshalHresult, OleNoteObjectVisible, OleGetAutoConvert, OleQueryCreateFromData, OleMetafilePictFromIconAndLabel, OleConvertIStorageToOLESTREAM, CoInitialize, OleGetClipboard, StringFromIID, CoQueryReleaseObject, StgGetIFillLockBytesOnFile, CoQueryClientBlanket, OleIsCurrentClipboard, CoTaskMemFree, OleConvertOLESTREAMToIStorageEx, CoDosDateTimeToFileTime, CoFreeAllLibraries, OleCreateFromData, OleIsRunning, OleQueryLinkFromData, CreateDataCache, SetConvertStg, CoGetCurrentLogicalThreadId, CoMarshalHresult, OleSetClipboard, OleLoad, ProgIDFromCLSID, OleCreateLinkFromData, CoGetCurrentProcess, CoGetObject<BR><BR>( 0 exports ) <BR>
PDFiD.: -
RDS...: NSRL Reference Data Set<BR>-

**Surfer** · 17.07.2009, 18:43

Файл uwpifur.html получен 2009.07.17 13:29:43 (UTC)
Результат: 3/41 (7.32%)

a-squared 4.5.0.24 2009.07.17 -
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
Avast 4.8.1335.0 2009.07.16 HTML:IFrame-IE
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1679 2009.07.17 -
DrWeb 5.0.0.12182 2009.07.17 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
GData 19 2009.07.17 HTML:IFrame-IE
Ikarus T3.1.1.64.0 2009.07.17 -
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
McAfee 5678 2009.07.16 -
McAfee+Artemis 5678 2009.07.16 -
McAfee-GW-Edition 6.8.5 2009.07.17 Heuristic.BehavesLike.JS.CodeUnfolding.A
Microsoft 1.4803 2009.07.17 -
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
Panda 10.0.0.14 2009.07.16 -
PCTools 4.4.2.0 2009.07.17 -
Prevx 3.0 2009.07.17 -
Rising 21.38.44.00 2009.07.17 -
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -

http://www.virustotal.com/ru/analisi...f63-1247837383

**valho** · 17.07.2009, 21:51

File foto18.scr received on 2009.07.17 17:30:58 (UTC)
Current status: finished
Result: 9/40 (22.50%)

a-squared 4.5.0.24 2009.07.17 Trojan.Win32.FakeXPA!IK
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
Avast 4.8.1335.0 2009.07.17 -
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1681 2009.07.17 -
DrWeb 5.0.0.12182 2009.07.17 Trojan.MulDrop.30762
eSafe 7.0.17.0 2009.07.16 Suspicious File
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
GData 19 2009.07.17 -
Ikarus T3.1.1.64.0 2009.07.17 Trojan.Win32.FakeXPA
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
McAfee 5679 2009.07.17 New Malware.ix
McAfee+Artemis 5679 2009.07.17 Artemis!0BB14FB2F387
McAfee-GW-Edition 6.8.5 2009.07.17 -
Microsoft 1.4803 2009.07.17 TrojanDropper:Win32/Forcud.A
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
PCTools 4.4.2.0 2009.07.17 -
Prevx 3.0 2009.07.17 High Risk Cloaked Malware
Rising 21.38.44.00 2009.07.17 Packer.Win32.Mian007.a
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -

Additional information
File size: 196608 bytes
MD5 : 0bb14fb2f38777f6b64b60dc8f1978ce
SHA1 : 4be7e0e8a3a5753b75cf1a2cec9c17a8595469bf
SHA256: 6be4d1588541bc4a1826b1a52d3046ea6ad2e720a8b1a93c81 e97b793d09c8f1
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1187
timedatestamp.....: 0x373ADC16 (Thu May 13 16:05:10 1999)
machinetype.......: 0x14C (Intel I386)
http://info.prevx.com/aboutprogramte...52F7004167BEF2

**valho** · 19.07.2009, 00:44

File gsmlokator_nokia.jad received on 2009.07.18 20:43:03 (UTC)
Current status: finished
Result: 0/41 (0%)

a-squared 4.5.0.24 2009.07.18 -
AhnLab-V3 5.0.0.2 2009.07.18 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.18 -
Avast 4.8.1335.0 2009.07.18 -
AVG 8.5.0.387 2009.07.18 -
BitDefender 7.2 2009.07.18 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.18 -
Comodo 1695 2009.07.18 -
DrWeb 5.0.0.12182 2009.07.18 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6623 2009.07.18 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.18 -
Fortinet 3.120.0.0 2009.07.18 -
GData 19 2009.07.18 -
Ikarus T3.1.1.64.0 2009.07.18 -
Jiangmin 11.0.800 2009.07.18 -
K7AntiVirus 7.10.796 2009.07.18 -
Kaspersky 7.0.0.125 2009.07.18 -
McAfee 5680 2009.07.18 -
McAfee+Artemis 5680 2009.07.18 -
McAfee-GW-Edition 6.8.5 2009.07.18 -
Microsoft 1.4803 2009.07.18 -
NOD32 4257 2009.07.18 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.18 -
Panda 10.0.0.14 2009.07.18 -
PCTools 4.4.2.0 2009.07.18 -
Prevx 3.0 2009.07.18 -
Rising 21.38.52.00 2009.07.18 -
Sophos 4.43.0 2009.07.18 -
Sunbelt 3.2.1858.2 2009.07.18 -
Symantec 1.4.4.12 2009.07.18 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.18 -
VBA32 3.12.10.8 2009.07.17 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -

Additional information
File size: 394 bytes
MD5...: f4b911f5a6922dfa86cbad1b5751f5d5
SHA1..: 2534a0e3ba2750adf82b47fbc10158e153a1859c
SHA256: a2bfeed9aa5962f32a4171436cee7ba6b58a86972636f7fca9 ca64a9859ca6b6
ssdeep: 6:1KItJtf9FyuF35rB9oU+KMIgzB9ovXe2nkfSUu9VtUqYoESl eOdaivv:1Tt/ff
xp5tX+KVSMX+u9VOFMleOfvv
PEiD..: -
TrID..: File type identification
Java Manifest (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

**VirCode** · 21.07.2009, 12:59

Нашёл на работе в папке %USERPROFILE%

Файл User.exe получен 2009.07.21 09:00:24 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.07.21 -
AhnLab-V3 5.0.0.2 2009.07.21 Win-Trojan/Downloader.39424.CQ
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.21 -
Avast 4.8.1335.0 2009.07.20 -
AVG 8.5.0.387 2009.07.20 Downloader.Generic8.BCXT
BitDefender 7.2 2009.07.21 -
CAT-QuickHeal 10.00 2009.07.21 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.07.21 -
Comodo 1723 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.21 -
eSafe 7.0.17.0 2009.07.20 -
eTrust-Vet 31.6.6629 2009.07.21 -
F-Prot 4.4.4.56 2009.07.20 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.21 Misc/Renos
GData 19 2009.07.21 -
Ikarus T3.1.1.64.0 2009.07.21 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.797 2009.07.20 -
Kaspersky 7.0.0.125 2009.07.21 Hoax.Win32.Renos.vcgo
McAfee 5682 2009.07.20 -
McAfee+Artemis 5682 2009.07.20 -
McAfee-GW-Edition 6.8.5 2009.07.21 -
Microsoft 1.4803 2009.07.21 VirTool:Win32/Obfuscator.ES
NOD32 4262 2009.07.20 -
Norman 6.01.09 2009.07.20 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.20 Suspicious file
PCTools 4.4.2.0 2009.07.20 -
Prevx 3.0 2009.07.21 High Risk Cloaked Malware
Rising 21.39.10.00 2009.07.21 -
Sophos 4.43.0 2009.07.21 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.21 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.21 -
VBA32 3.12.10.8 2009.07.21 -
ViRobot 2009.7.21.1844 2009.07.21 -
VirusBuster 4.6.5.0 2009.07.20 -

File size: 39424 bytes
MD5...: e17a03336c1db4cfa0f83a1de511efe7
SHA1..: 4de1074c88cb6fb3f432dd2cbf2884100d2ad6a9
SHA256: 0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d5 6d75be1b0ecb00
ssdeep: 768:b4doDtuG3FBR8GXMz5Fi/XzdqAjSomBg:b4uJuG3/R8GXkFlAjSoM
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

P.S: http://camas.comodo.com/cgi-bin/subm...6d75be1b0ecb00

**valho** · 22.07.2009, 08:53

File syschost.exe received on 2009.07.22 04:43:54 (UTC)
Current status: finished
Result: 4/41 (9.76%)

a-squared 4.5.0.24 2009.07.22 Trojan-Dropper.Agent!IK
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
eSafe 7.0.17.0 2009.07.21 Suspicious File
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
Ikarus T3.1.1.64.0 2009.07.22 Trojan-Dropper.Agent
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -

dditional information
File size: 18432 bytes
MD5...: c5640feb5a62af27c4ae0efdf75c54c1
SHA1..: 421a9c1fe8bb604dee24f4a85c40695c8ef03f59
SHA256: eae88ba28b1c86e776a37f163c264b4b230b7788155ddf782a 487b50733a59f8
ssdeep: 384:fy+x6lI2M/1EJRPjTlm1sxsB8bdhzoZlV73kYkheTj3w4:ff6JRI1sqche70
zheJ
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xfda0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

File explopep.exe received on 2009.07.22 04:44:21 (UTC)
Current status: finished
Result: 2/41 (4.88%)

a-squared 4.5.0.24 2009.07.22 -
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
eSafe 7.0.17.0 2009.07.21 Suspicious File
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
Ikarus T3.1.1.64.0 2009.07.22 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -

Additional information
File size: 19968 bytes
MD5...: 7be149ee77fa31b3f8bab455937ac76f
SHA1..: 1b226b0ef31388ebe23421ec566dc14e2d57aa6e
SHA256: 9b05fb900ef5744cded0a53ed024fdb5b79becfdd6b03c9a71 c7b1a8c7151348
ssdeep: 384:Pd916tjMZUcCdOSMIOu5TFpTJ1jMBtdfir81LGDYVpmzl8 :P/1cjeU0AOu5x
r5M/daOJ0
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x112d0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

**valho** · 23.07.2009, 07:06

File WindoFixSetup.exe received on 2009.07.23 02:33:50 (UTC)
Current status: finished
Result: 0/40 (0%)

a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
Sophos 4.44.0 2009.07.23 -
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
ViRobot 2009.7.22.1847 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.22 -

File size: 1192959 bytes
MD5...: 12a351a1efce6b76bab9f66e41f8343b
SHA1..: 4215e12971ef73057f0354a0b2abbeadaeb51251
SHA256: 6f74cc72c14659467ede114873cb8d8ee53295f5f87af19e3c 4d456c3d628aac
ssdeep: 24576:v2U3grE9z9ZWn9HGpYVViu60r0otygrOeWKgXsxtiCn1 tN8YaXag:v2w2E
99cntGpYVVH6O0oRHkcXJbhaV
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x9a58
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

Добавлено через 31 минуту

Файл RegDefense.exe получен 2009.07.23 02:54:49 (UTC)
Результат: 1/41 (2.44%)

a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
Sophos 4.44.0 2009.07.23 PsKill
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.23.1848 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -

File size: 2018352 bytes
MD5...: e172a33b36458384f2422f2b4c65c2fb
SHA1..: 2f6a891b2fca21f6e03c318e88306e03eef3bc83
SHA256: c23ef87124181107bba9b0a9a2d6891839511d2bf3626342e0 fdd8f195ef237c
ssdeep: 49152:pIAJPWQJKWDW+BRxj+v2HDHkPrKQhzVGRXEVF8qMXf:p rJP3KWDlBCvUHs
rKQDMUVF8qe
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x323c
timedatestamp.....: 0x49a05a1a (Sat Feb 21 19:46:34 2009)
machinetype.......: 0x14c (I386)

**ALEX(XX)** · 23.07.2009, 13:40

Свяжак
Файл avz00007.dta получен 2009.07.23 09:34:03 (UTC)

Код:

Антивирус    Версия    Обновление    Результат
a-squared    4.5.0.24    2009.07.23    -
AhnLab-V3    5.0.0.2    2009.07.23    -
AntiVir    7.9.0.228    2009.07.23    TR/Dropper.Gen
Antiy-AVL    2.0.3.7    2009.07.23    -
Authentium    5.1.2.4    2009.07.23    -
Avast    4.8.1335.0    2009.07.22    -
AVG    8.5.0.387    2009.07.22    -
BitDefender    7.2    2009.07.23    -
CAT-QuickHeal    10.00    2009.07.23    (Suspicious) - DNAScan
ClamAV    0.94.1    2009.07.23    -
Comodo    1741    2009.07.23    -
DrWeb    5.0.0.12182    2009.07.23    -
eSafe    7.0.17.0    2009.07.21    -
eTrust-Vet    31.6.6634    2009.07.22    -
F-Prot    4.4.4.56    2009.07.22    -
F-Secure    8.0.14470.0    2009.07.23    -
Fortinet    3.120.0.0    2009.07.23    -
GData    19    2009.07.23    -
Ikarus    T3.1.1.64.0    2009.07.23    -
Jiangmin    11.0.800    2009.07.23    -
K7AntiVirus    7.10.799    2009.07.22    -
Kaspersky    7.0.0.125    2009.07.23    -
McAfee    5684    2009.07.22    FakeAlert-DZ
McAfee+Artemis    5684    2009.07.22    FakeAlert-DZ
McAfee-GW-Edition    6.8.5    2009.07.23    Trojan.Dropper.Gen
Norman    6.01.09    2009.07.22    -
nProtect    2009.1.8.0    2009.07.23    -
Panda    10.0.0.14    2009.07.22    -
PCTools    4.4.2.0    2009.07.22    -
Prevx    3.0    2009.07.23    -
Rising    21.39.32.00    2009.07.23    Unknown Win32 Virus
Sophos    4.44.0    2009.07.23    -
Sunbelt    3.2.1858.2    2009.07.22    -
Symantec    1.4.4.12    2009.07.23    -
TheHacker    6.3.4.3.372    2009.07.23    -
TrendMicro    8.950.0.1094    2009.07.23    -
VBA32    3.12.10.9    2009.07.23    -
ViRobot    2009.7.23.1849    2009.07.23    -
VirusBuster    4.6.5.0    2009.07.22    -

Код:

Дополнительная информация
File size: 742482 bytes
MD5...: 42893aa9d384edcbc1a9ca032f3ab490
SHA1..: bdd61934d7515b7a0096bcf293bf6cfab5cf8f3d
SHA256: a3620607e76385d0e2b3c8ad570a3622954df3b76ca96772450f1f3d36cc4759
ssdeep: 12288:QTC1mFBuXfXQ9sHc7rmfTwl0IbZfKrVxNIok51r6Jm:Qe1lpc7rmfT0b8B<br>Aam<br>
PEiD..: -
TrID..: File type identification<br>Generic Win/DOS Executable (49.9%)<br>DOS Executable Generic (49.8%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0xb2388<br>timedatestamp.....: 0x470a9cb6 (Mon Oct 08 21:10:14 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name        viradd    virsiz   rawdsiz  ntrpy  md5<br>.text       0x1000  0x15d000   0xb3e00   7.21  75112b42922338fd2df30e5a9ab440b7<br>.data     0x15e000    0x1000     0x200   0.00  bf619eac0cdf3f68d496ea9344137e8b<br>.rdata    0x15f000    0x1000     0xc00   4.80  e2fa41bfcd45e3b2d083bea433814491<br>.rsrc     0x160000    0x1000     0x400   3.02  e10879d0fd2c52238d8d79e944ed807c<br><br>( 2 imports )  <br>&gt; KERNEL32.DLL: GetModuleFileNameA, InterlockedIncrement, GetCurrentProcess, GetSystemTimeAsFileTime, GetModuleFileNameW, InterlockedCompareExchange, LoadLibraryA, VirtualAlloc, GetProcAddress, GetProcAddress, HeapDestroy, GetProcessHeap, HeapDestroy, UnhandledExceptionFilter, DisableThreadLibraryCalls, GetModuleHandleA, GetTickCount, GetProcAddress, HeapDestroy, InterlockedDecrement, GetModuleFileNameA, EnterCriticalSection, InterlockedIncrement, lstrcmpiW, GetModuleFileNameW, InterlockedExchange, LocalFree, EnterCriticalSection, LoadLibraryA, GetModuleFileNameA, EnterCriticalSection, HeapFree, QueryPerformanceCounter, CloseHandle, LeaveCriticalSection, lstrlenA, GetModuleHandleW, lstrlenA, LocalFree, Sleep, EnterCriticalSection, CreateEventW, HeapFree, CreateFileW, HeapDestroy, GetModuleFileNameW, lstrcmpiW, QueryPerformanceCounter, UnhandledExceptionFilter, SetLastError, UnhandledExceptionFilter, ReadFile, GetTickCount<br>&gt; USER32.DLL: BeginPaint, EndPaint, PostQuitMessage, MessageBoxW, SendMessageW, KillTimer, DialogBoxParamW, SetForegroundWindow, GetDesktopWindow, GetWindowLongW, SetDlgItemTextW, DispatchMessageW, BeginPaint, GetDlgItem, EndDialog, DefWindowProcW, CreateWindowExW, DialogBoxParamW, GetSysColor, SetTimer, IsWindow, DialogBoxParamW, IsDlgButtonChecked, KillTimer, GetDesktopWindow, SetWindowLongW, PostQuitMessage, EnableWindow, SetWindowPos, GetDC, KillTimer, SetDlgItemTextW, SetWindowPos, ReleaseDC, ReleaseDC, PostQuitMessage, CreateWindowExW, LoadCursorW, GetClientRect, GetSysColor, SetWindowLongW, TranslateMessage, SendDlgItemMessageW, GetDesktopWindow, wsprintfA, GetDesktopWindow, SetCursor, GetFocus, LoadIconW, InvalidateRect, TranslateMessage, LoadStringW, SetTimer, PostQuitMessage, BeginPaint<br><br>( 0 exports ) <br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-

Добавлено через 8 минут

Файл avz00006.dta получен 2009.07.23 09:43:29 (UTC)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.5.0.24	2009.07.23	Email-Worm.Win32.Iksmas!IK
AhnLab-V3	5.0.0.2	2009.07.23	-
AntiVir	7.9.0.228	2009.07.23	-
Antiy-AVL	2.0.3.7	2009.07.23	-
Authentium	5.1.2.4	2009.07.23	-
Avast	4.8.1335.0	2009.07.22	-
AVG	8.5.0.387	2009.07.23	PSW.Generic7.SFW
BitDefender	7.2	2009.07.23	-
CAT-QuickHeal	10.00	2009.07.23	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.07.23	-
Comodo	1741	2009.07.23	-
DrWeb	5.0.0.12182	2009.07.23	Trojan.Spambot.4331
eSafe	7.0.17.0	2009.07.21	-
eTrust-Vet	31.6.6634	2009.07.22	-
F-Prot	4.4.4.56	2009.07.22	-
F-Secure	8.0.14470.0	2009.07.23	Email-Worm.Win32.Iksmas.dgr
Fortinet	3.120.0.0	2009.07.23	W32/Iksmas.DGR@mm
GData	19	2009.07.23	-
Ikarus	T3.1.1.64.0	2009.07.23	Email-Worm.Win32.Iksmas
Jiangmin	11.0.800	2009.07.23	-
K7AntiVirus	7.10.799	2009.07.22	-
Kaspersky	7.0.0.125	2009.07.23	Email-Worm.Win32.Iksmas.dgr
McAfee	5684	2009.07.22	-
McAfee+Artemis	5684	2009.07.22	Artemis!7329B2096B15
McAfee-GW-Edition	6.8.5	2009.07.23	Heuristic.BehavesLike.Win32.Packed.I
Microsoft	1.4903	2009.07.23	Trojan:Win32/Waledac.gen!A
NOD32	4269	2009.07.23	a variant of Win32/Waledac.KA
Norman	6.01.09	2009.07.22	-
nProtect	2009.1.8.0	2009.07.23	-
Panda	10.0.0.14	2009.07.22	Trj/CI.A
PCTools	4.4.2.0	2009.07.22	-
Prevx	3.0	2009.07.23	Medium Risk Malware
Rising	21.39.32.00	2009.07.23	Unknown Win32 Virus
Sophos	4.44.0	2009.07.23	Mal/WaledPak-H
Sunbelt	3.2.1858.2	2009.07.22	Email-Worm.Win32.Waledac.Gen (v)
Symantec	1.4.4.12	2009.07.23	-
TheHacker	6.3.4.3.372	2009.07.23	-
TrendMicro	8.950.0.1094	2009.07.23	-
VBA32	3.12.10.9	2009.07.23	-
ViRobot	2009.7.23.1849	2009.07.23	-
VirusBuster	4.6.5.0	2009.07.22	-

Код:

Дополнительная информация
File size: 498688 bytes
MD5...: 7329b2096b156842c7bd576b1918ec58
SHA1..: 56a6d2634f2759b425e3cc20c0c51bedd1664aac
SHA256: 8f5c16bc2b368cc4dbea79a7a84151b454f9a8dc7405e615af585b9883f9e2ff
ssdeep: 12288:0qy5DTAlioxxYRr5BeQPbd4kJqG1TskXiIedH:0qG3AlioxEfPbd4kJqwM<br>bd<br>
PEiD..: -
TrID..: File type identification<br>Generic Win/DOS Executable (49.9%)<br>DOS Executable Generic (49.8%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x76804<br>timedatestamp.....: 0x435eac41 (Tue Oct 25 22:05:53 2005)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name        viradd    virsiz   rawdsiz  ntrpy  md5<br>.text       0x1000   0xf3000   0x78600   7.22  ef8c82cbc04d20d825f48695fae1836f<br>.data      0xf4000    0x1000     0x200   0.00  bf619eac0cdf3f68d496ea9344137e8b<br>.rdata     0xf5000    0x1000     0xc00   4.49  f17d28d20a8d830c8416c375a6cf939d<br>.rsrc      0xf6000    0x1000     0x400   2.98  f060e5acc6c09b946f5c69aacf27f77c<br><br>( 2 imports )  <br>&gt; KERNEL32.DLL: LocalFree, InterlockedExchange, GetCurrentProcessId, MultiByteToWideChar, GetProcAddress, GetCurrentThreadId, MultiByteToWideChar, GetModuleHandleA, InterlockedExchange, SetLastError, LeaveCriticalSection, QueryPerformanceCounter, Sleep, HeapFree, InterlockedCompareExchange, HeapFree, GetTickCount, GetProcessHeap, FreeLibrary, DisableThreadLibraryCalls, UnhandledExceptionFilter, LocalFree, ReadFile, GetCurrentProcessId, GetModuleFileNameW, GetCurrentProcessId, UnhandledExceptionFilter, ReadFile, UnhandledExceptionFilter, FreeLibrary, GetProcAddress, LoadLibraryW, GetCurrentProcessId, GetCurrentProcessId, GetProcAddress, HeapDestroy, GetModuleFileNameA, VirtualAlloc, InterlockedIncrement, CreateFileW, VirtualAlloc, LoadLibraryA, HeapFree, LocalFree, UnhandledExceptionFilter, HeapFree, LoadLibraryW, LoadLibraryA, LocalFree, GetTickCount<br>&gt; USER32.DLL: LoadIconW, SetTimer, LoadStringW, KillTimer, DestroyWindow, PostQuitMessage, DestroyWindow, DialogBoxParamW, SetFocus, wsprintfA, SendDlgItemMessageW, ReleaseDC, GetFocus, GetParent, PostMessageW, ReleaseDC, IsDlgButtonChecked, InvalidateRect, SetWindowLongW, SetCursor, CreateWindowExW, GetSystemMetrics, PostQuitMessage, SetWindowTextW, SetForegroundWindow, EndDialog, LoadStringW, InvalidateRect, SetDlgItemTextW, GetWindowLongW, CreateWindowExW, SetTimer, IsWindow, wsprintfA, InvalidateRect, SetWindowLongW, PostQuitMessage, MessageBoxW, IsDlgButtonChecked, SendMessageW, LoadIconW, CharNextW, GetDlgItem, IsDlgButtonChecked, EnableWindow, SetForegroundWindow, EndPaint, SetCursor, TranslateMessage, GetWindowRect, IsWindow<br><br>( 0 exports ) <br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-
Prevx info: &lt;a href='http://info.prevx.com/aboutprogramtext.asp?PX5=AB6C3551001E40DA9C0E07ABED62FE00BBFD3571' target='_blank'&gt;http://info.prevx.com/aboutprogramtext.asp?PX5=AB6C3551001E40DA9C0E07ABED62FE00BBFD3571&lt;/a&gt;

**senyak** · 26.07.2009, 12:56

Файл PrivateContent.exe получен 2009.07.26 08:58:44 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.07.26 Trojan.Fake!IK
AhnLab-V3 5.0.0.2 2009.07.26 -
AntiVir 7.9.0.228 2009.07.24 TR/Fake.GoogleBar.2
Antiy-AVL 2.0.3.7 2009.07.24 -
Authentium 5.1.2.4 2009.07.25 -
Avast 4.8.1335.0 2009.07.25 -
AVG 8.5.0.387 2009.07.25 -
BitDefender 7.2 2009.07.26 -
CAT-QuickHeal 10.00 2009.07.25 -
ClamAV 0.94.1 2009.07.26 -
Comodo 1770 2009.07.26 -
DrWeb 5.0.0.12182 2009.07.26 -
eSafe 7.0.17.0 2009.07.23 -
eTrust-Vet 31.6.6640 2009.07.25 -
F-Prot 4.4.4.56 2009.07.25 -
F-Secure 8.0.14470.0 2009.07.25 AdWare.Win32.Cinmus.awbr
Fortinet 3.120.0.0 2009.07.26 -
GData 19 2009.07.26 -
Ikarus T3.1.1.64.0 2009.07.26 Trojan.Fake
Jiangmin 11.0.800 2009.07.26 -
K7AntiVirus 7.10.802 2009.07.25 -
Kaspersky 7.0.0.125 2009.07.26 not-a-virus:AdWare.Win32.Cinmus.awbr
McAfee 5688 2009.07.25 -
McAfee+Artemis 5688 2009.07.25 Artemis!1AA4A28552D9
McAfee-GW-Edition 6.8.5 2009.07.26 Heuristic.LooksLike.Trojan.Fake.GoogleBar.L
Microsoft 1.4903 2009.07.26 -
NOD32 4278 2009.07.26 a variant of Win32/Adware.BHO.NGL
Norman 6.01.09 2009.07.24 -
nProtect 2009.1.8.0 2009.07.26 -
Panda 10.0.0.14 2009.07.25 -
PCTools 4.4.2.0 2009.07.25 -
Prevx 3.0 2009.07.26 -
Rising 21.39.61.00 2009.07.26 -
Sophos 4.44.0 2009.07.26 -
Sunbelt 3.2.1858.2 2009.07.26 Adware.Cinmus
Symantec 1.4.4.12 2009.07.26 -
TheHacker 6.3.4.3.373 2009.07.24 -
TrendMicro 8.950.0.1094 2009.07.25 -
VBA32 3.12.10.9 2009.07.26 BScope.Trojan.Cinmus.54
ViRobot 2009.7.25.1853 2009.07.25 -
VirusBuster 4.6.5.0 2009.07.25 -

Дополнительная информация
File size: 99328 bytes
MD5...: 1aa4a28552d9cf24878c85914c3442e8
SHA1..: 68a542ea170bd52759aee48acd8ae68682328ac6
SHA256: c4e9963578075ee1b00d95bcc8a49496925183385dbb92e2dc 8fe0bd3ce0367a
ssdeep: 1536:B86UAPypaYOwPxWEMGwCcUTcDVsKdwfXpmydqjcfAp0dp v44H4YE:B86NhY
1mXUIRXwfXpmWYpgQl1
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...67a-1248598724

**senyak** · 28.07.2009, 22:38

Файл flash_player.exe получен 2009.07.28 18:37:35 (UTC)
Текущий статус: закончено
Результат: 5/41 (12.2%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.07.28 Trojan-Dropper!IK
AhnLab-V3 5.0.0.2 2009.07.28 -
AntiVir 7.9.0.234 2009.07.28 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.07.28 -
Authentium 5.1.2.4 2009.07.28 -
Avast 4.8.1335.0 2009.07.28 -
AVG 8.5.0.387 2009.07.28 -
BitDefender 7.2 2009.07.28 -
CAT-QuickHeal 10.00 2009.07.28 -
ClamAV 0.94.1 2009.07.28 -
Comodo 1796 2009.07.28 -
DrWeb 5.0.0.12182 2009.07.28 Trojan.Hosts.107
eSafe 7.0.17.0 2009.07.28 -
eTrust-Vet 31.6.6643 2009.07.28 -
F-Prot 4.4.4.56 2009.07.28 -
F-Secure 8.0.14470.0 2009.07.28 -
Fortinet 3.120.0.0 2009.07.28 -
GData 19 2009.07.28 -
Ikarus T3.1.1.64.0 2009.07.28 Trojan-Dropper
Jiangmin 11.0.800 2009.07.28 -
K7AntiVirus 7.10.804 2009.07.28 -
Kaspersky 7.0.0.125 2009.07.28 -
McAfee 5691 2009.07.28 -
McAfee+Artemis 5691 2009.07.28 -
McAfee-GW-Edition 6.8.5 2009.07.28 Trojan.Dropper.Gen
Microsoft 1.4903 2009.07.28 -
NOD32 4286 2009.07.28 -
Norman 6.01.09 2009.07.28 -
nProtect 2009.1.8.0 2009.07.28 -
Panda 10.0.0.14 2009.07.28 -
PCTools 4.4.2.0 2009.07.28 -
Prevx 3.0 2009.07.28 -
Rising 21.40.14.00 2009.07.28 -
Sophos 4.44.0 2009.07.28 -
Sunbelt 3.2.1858.2 2009.07.28 -
Symantec 1.4.4.12 2009.07.28 -
TheHacker 6.3.4.3.376 2009.07.28 -
TrendMicro 8.950.0.1094 2009.07.28 -
VBA32 3.12.10.9 2009.07.28 -
ViRobot 2009.7.28.1857 2009.07.28 -
VirusBuster 4.6.5.0 2009.07.28 -

Дополнительная информация
File size: 12373 bytes
MD5...: 2ece81a4431ed7908b0a088031ad3551
SHA1..: 686c75e6f401504f9f0522f04d848656ab603e1d
SHA256: 71738d8f7a8b0ee857f5dc8b89cc257f69ab4839ab59e1a30a 787cf8135784c0
ssdeep: 48:yg0wSiS3XYViUS0FeB12j2ifdv8/9kSfSWtLdBFlwyCZXuClm0mZZNHJn/+K:
U3i2IoGq12j2n1kSHtdBwsCI0SH5l
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...4c0-1248806255

**Shu_b** · 31.07.2009, 14:00

промежуточные итоги народного тестирования июнь-июль:

**Torvic99** · 31.07.2009, 15:18

Файл qip.jar получен 2009.07.31 11:13:40 (UTC)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 2/41 (4.88%)

a-squared 4.5.0.24 2009.07.31-
AhnLab-V3 5.0.0.2 2009.07.30-
AntiVir 7.9.0.236 2009.07.31-
Antiy-AVL 2.0.3.7 2009.07.31-
Authentium 5.1.2.4 2009.07.31-
Avast 4.8.1335.0 2009.07.30-
AVG 8.5.0.406 2009.07.31-
BitDefender 7.2 2009.07.31-
CAT-QuickHeal 10.00 2009.07.30-
ClamAV 0.94.1 2009.07.31-
Comodo 1822 2009.07.31-
DrWeb 5.0.0.1218 22009.07.31-
eSafe 7.0.17.0 2009.07.30-
eTrust-Vet 31.6.6649 2009.07.31-
F-Prot 4.4.4.56 2009.07.30-
F-Secure 8.0.14470.0 2009.07.31 Trojan-SMS.J2ME.Konov.n
Fortinet 3.120.0.0 2009.07.31-
GData 19 2009.07.31-
Ikarus T3.1.1.64.0 2009.07.31-
Jiangmin 11.0.800 2009.07.31-
K7AntiVirus 7.10.806 2009.07.30-
Kaspersky 7.0.0.125 2009.07.31 Trojan-SMS.J2ME.Konov.n
McAfee 5693 2009.07.30-
McAfee+Artemis 5693 2009.07.30-
McAfee-GW-Edition 6.8.5 2009.07.31-
Microsoft 1.4903 2009.07.31-
NOD32 4293 2009.07.31-
Norman 6.01.09 2009.07.30-
nProtect 2009.1.8.0 2009.07.31-
Panda 10.0.0.14 2009.07.30-
PCTools 4.4.2.0 2009.07.29-
Prevx 3.0 2009.07.31-
Rising 21.40.43.00 2009.07.31-
Sophos 4.44.0 2009.07.31-
Sunbelt 3.2.1858.2 2009.07.31-
Symantec 1.4.4.12 2009.07.31-
TheHacker 6.3.4.3.374 2009.07.30-
TrendMicro 8.950.0.1094 2009.07.31-
VBA32 3.12.10.9 2009.07.31-
ViRobot 2009.7.31.1863 2009.07.31-
VirusBuster 4.6.5.0 2009.07.30-

Дополнительная информация
File size: 3857 bytes
MD5...: be32e6cae5a2c5c01d98a9ebace6d91c
SHA1..: cfbaea4d48e1c6f65d82bbd3e65c5b2574d80c4d
SHA256: b317560a62ac5181b1efd4095625740e468318f7279c5b5bd2 bad0d1c322e00a

**mseryoga** · 01.08.2009, 13:19

Файл vk-client-new.5.exe получен 2009.08.01 07:11:37 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.07.31 -
AhnLab-V3 5.0.0.2 2009.07.31 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.07.31 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1832 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.07.31 -
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.07.31 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.807 2009.07.31 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 Heuristic.LooksLike.Win32.Suspicious.L!83
Microsoft 1.4903 2009.08.01 -
NOD32 4295 2009.07.31 a variant of Win32/Kryptik.LR
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.07.31 -
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 Sus/EncPk-JG
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 PAK_Generic.001
VBA32 3.12.10.9 2009.07.31 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -

Дополнительная информация
File size: 23040 bytes
MD5...: e536c9d9ceec3b8686d35dc002f1f976
SHA1..: 2b1277b00cb41748c798e341b26c346bc3c80256
SHA256: 0a8c25a01f68082edac235e5f70fac1a7d7a3dfecec42c3824 a3acc2f234ba1e
ssdeep: 384:VKhR1HopZov4tbrJFgFbMmRwoZVBN/ka2QlyT:w5opbJiFz9TN/50<
PEiD..: -

**senyak** · 02.08.2009, 14:18

Файл foto.jar получен 2009.08.02 10:21:13 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.02 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 Trojan/J2ME.Konov
Authentium 5.1.2.4 2009.08.01 -
Avast 4.8.1335.0 2009.08.01 Other:Malware-gen
AVG 8.5.0.406 2009.08.02 -
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
Comodo 1838 2009.08.02 TrojWare.J2ME.SMS.Konov.i
DrWeb 5.0.0.12182 2009.08.02 Java.SMSSend.51
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 Java/SMSTroj
F-Prot 4.4.4.56 2009.08.01 -
F-Secure 8.0.14470.0 2009.08.01 Trojan-SMS.J2ME.Konov.i
Fortinet 3.120.0.0 2009.08.02 -
GData 19 2009.08.02 Other:Malware-gen
Ikarus T3.1.1.64.0 2009.08.02 Trojan-SMS
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.02 Trojan-SMS.J2ME.Konov.i
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
McAfee-GW-Edition 6.8.5 2009.08.02 -
Microsoft 1.4903 2009.08.02 -
NOD32 4298 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.01 -
Prevx 3.0 2009.08.02 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
Symantec 1.4.4.12 2009.08.02 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.02 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -

Дополнительная информация
File size: 2662 bytes
MD5...: f153398fceceb5f26e840576d658e907
SHA1..: ea0b174e210c239264a3db9afc4dc0c9c4eb38ca
SHA256: f8637e1353b8339a8bd0da652ed23b67ee322f5d8c3eb60274 c83156daa53748
ssdeep: 48:91FTQo0tOURs9y3VeiTExPW387mjiAlqAxBCSZyU8/scU6p7dKNZ4w

FTiOU
Rs9qVeiTUDycSZJn6ZdkZL
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...748-1249208473

**valho** · 02.08.2009, 22:17

File index_1_.htm received on 2009.08.02 17:44:10 (UTC)
Current status: finished
Result: 7/40 (17.50%)

a-squared 4.5.0.24 2009.08.02 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.02 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.01 JS:Obfuscated-CV
AVG 8.5.0.406 2009.08.02 JS/Downloader.Agent
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
Comodo 1840 2009.08.02 -
DrWeb 5.0.0.12182 2009.08.02 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.01 -
Fortinet 3.120.0.0 2009.08.02 -
GData 19 2009.08.02 JS:Obfuscated-CV
Ikarus T3.1.1.64.0 2009.08.02 -
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.02 -
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
McAfee-GW-Edition 6.8.5 2009.08.02 Heuristic.LooksLike.JS.Suspicious.A
Microsoft 1.4903 2009.08.02 -
NOD32 4299 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Rising 21.40.62.00 2009.08.02 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
Symantec 1.4.4.12 2009.08.02 Trojan.Malscript!html
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.02 Trojan-Downloader.JS.Iframe.blg
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.08.02 -

Additional information
File size: 6501 bytes
MD5 : c8bcdb732ed5e73d802e4404b7771e10
SHA1 : 51c76ed7f908255032f9ee0c4ca06d139b1e5e82
SHA256: d9a8404ae35297ea45d514f2502b6ca777dab88d8dbf58ccb7 165689ab016ebf
TrID : File type identification
Unknown!
ssdeep: 192:bWkW3PFo3XtifBBILnfi98Ci+2XBt9PDgN/:b/so3nLK98C8Dw
PEiD : -
RDS : NSRL Reference Data Set
-

**valho** · 03.08.2009, 15:53

Эт всё от контакта

File sms-vkontakte received on 2009.08.03 11:21:09 (UTC)
Current status: finished
Result: 5/41 (12.2%)

a-squared 4.5.0.24 2009.08.03 Riskware.JS.Obfuscator!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 VirTool.JS.Obfuscator
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Crypted
Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -

Additional information
File size: 710 bytes
MD5...: 44493a2e5f0b3f40d78af23706e90f0e
SHA1..: 462bc9a61c5d6ad12d289c2ebbb68cdeb24d1f7a
SHA256: fff61030becae6d994f10e91d66754f133397596c6551da28e eeab8546fead0b
ssdeep: 12:X7jtNDxAqk0+qK0WEzqtjSow/EKEsN0YlE7guu5lJeinga05jwWT3wdVl:XPD
k0+qzWe2SoOdEa+7fuIin42XP
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): packed

File 549a6be38aae63e8913bd1d43b14d83a received on 2009.08.03 11:34:44 (UTC)
Current status: finished
Result: 3/41 (7.32%)

a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 HTML/Psyme.Gen
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
McAfee-GW-Edition 6.8.5 2009.08.03 Script.Psyme.Gen
Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -

Additional information
File size: 4072 bytes
MD5...: 549a6be38aae63e8913bd1d43b14d83a
SHA1..: 528fa966c136cd0f411227e20e09d08d2fe50893
SHA256: 323db2eb646c0b54669bd4dd2ecc48f0814464af3665a99e97 1ef2e5c453fe42
ssdeep: 96:e1M1M8Cs2Ot4LkWyC5cCJcCiw1x2TGQtqswWF7DG:kmMp9k W35JJJHgf7DG
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode

File e712330a93f5cf725ea0c6bc4c52375b received on 2009.08.03 11:34:56 (UTC)
Current status: finished
Result: 5/41 (12.2%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 HTML/Infected.WebPage.Gen
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 HTML:Iframe-inf
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 HTML:Iframe-inf
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Infected.WebPage
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 HTML/Iframe.G
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -

Additional information
File size: 188 bytes
MD5...: e712330a93f5cf725ea0c6bc4c52375b
SHA1..: 05fbff8903000d1deda96d01614cff5916e0bd99
SHA256: 3d7b276f53d1f676ebaa54da1e475bb445815b0055a2db329f 9aa2bbf4479173
ssdeep: 3:Q4giyYFI+MKXyR+plM1yClMAlW/LXCn/lFMbCn/lFIcpAYlHlBvohalhluWlgT
:QdiLMKXyR+lM1yCWAlWWncun4cp9CsB8
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (66.6%)
MP3 audio (33.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode

Файл MW2bl2ow.exe.part получен 2009.08.03 11:39:35 (UTC)
Текущий статус: Закончено
Результат: 7/41 (17.08%)

a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 TR/Dldr.Banload.zdt
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 W32/Downldr2.GAZE
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 Trojan.Downloader-73889
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 Suspicious File
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 W32/Downldr2.GAZE
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
McAfee-GW-Edition 6.8.5 2009.08.03 Trojan.Dldr.Banload.zdt
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
[B]VirusBuster 4.6.5.0 2009.08.02 Trojan.DL.Banload.ASKT[/B

Дополнительная информация
File size: 102200 bytes
MD5...: 244dc79fd7fe3eafc2570c58a16a1663
SHA1..: 97b927b350e485adf400956620c85476973cf1dd
SHA256: 634f850fcf1c58c008101fd2075eb6ea7ae843df508904a361 5e7a3770eb3a4c
ssdeep: 1536:5YNQ+cdiUBjyWgp0oNmFqXmOWRDOib6aqkSZZZ3EPGGul 5tzZWOLyfDy4cD
2IDMv:5yUBjy5OFvOWRDbbNUEPozbwDyNyID9e
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x21d00
timedatestamp.....: 0x44e24a66 (Tue Aug 15 22:27:50 2006)
machinetype.......: 0x14c (I386)

File reiting.exe received on 2009.08.03 11:45:01 (UTC)
Current status: finished
Result: 35/41 (85.37%)

a-squared 4.5.0.24 2009.08.03 Trojan.Win32.Qhost!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 TR/Qhost.lmb
Antiy-AVL 2.0.3.7 2009.08.03 Trojan/Win32.Qhost.gen
Authentium 5.1.2.4 2009.08.02 W32/Trojan2.HKKZ
Avast 4.8.1335.0 2009.08.02 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.03 Generic13.AHII
BitDefender 7.2 2009.08.03 Trojan.Generic.1910797
CAT-QuickHeal 10.00 2009.08.03 Trojan.Qhost.lmb
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 TrojWare.Win32.Qhost.lmb
DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.31260
eSafe 7.0.17.0 2009.07.30 Win32.TRQhost.Lmb
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 W32/Trojan2.HKKZ
F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Qhost.lmb
Fortinet 3.120.0.0 2009.08.03 W32/Qhost.LMB!tr
GData 19 2009.08.03 Trojan.Generic.1910797
Ikarus T3.1.1.64.0 2009.08.03 Trojan.Win32.Qhost
Jiangmin 11.0.800 2009.08.03 Trojan/Qhost.tb
K7AntiVirus 7.10.808 2009.08.01 Trojan.Win32.Qhost.lmb
Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Qhost.lmb
McAfee 5696 2009.08.02 Generic Dropper!q
McAfee+Artemis 5696 2009.08.02 Generic Dropper!q
McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92
Microsoft 1.4903 2009.08.03 Trojan:Win32/Qhost.AY
NOD32 4300 2009.08.03 Win32/Qhost.NJO
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 Trojan/W32.Qhost.19968.E
Panda 10.0.0.14 2009.08.03 Trj/Spambot.C
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 High Risk Cloaked Malware
Rising 21.41.02.00 2009.08.03 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.03 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.03 Bulk Trojan
Symantec 1.4.4.12 2009.08.03 Trojan.SpamThru
TheHacker 6.3.4.3.375 2009.08.01 Trojan/Qhost.lmb
TrendMicro 8.950.0.1094 2009.08.03 TROJ_QHOST.TR
VBA32 3.12.10.9 2009.08.03 Trojan.Win32.Qhost.lmb
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 Trojan.Qhost.BBF

Additional information
File size: 19968 bytes
MD5...: 280619caade6d10b81fe8c5657dd6bdd
SHA1..: 6d00a4af9c39b7c5cb5cbaceb2b363cc6fcd1392
SHA256: b290b5c559729fd65e80dfd1063ded37958fc0ccaa7b6442af ae0f38127601ae
ssdeep: 384:Iw4VGlwmBBO1IfXxZxyNVyTI7Uhy150stdRIyMaNJawcud oD7Uvm7P:rmmBI
IfDcVj15v3jFnbcuyD7UM
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xe360
timedatestamp.....: 0x49f46a61 (Sun Apr 26 14:06:25 2009)
machinetype.......: 0x14c (I386)
http://info.prevx.com/aboutprogramte...5101008711BF73

**senyak** · 03.08.2009, 18:21

Файл avz00001.dta получен 2009.08.03 13:31:49 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 TR/Buzus.brhg
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1850 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 Win32.HLLW.Autoruner.7323
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Buzus.brhg
Fortinet 3.120.0.0 2009.08.03 W32/Buzus.BRHG!tr
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 Trojan/Buzus.nwc
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Buzus.brhg
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.LooksLike.Worm.Kolab.B
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.03 Trj/Buzus.HA
PCTools 4.4.2.0 2009.08.03 -
Prevx 3.0 2009.08.03 High Risk Cloaked Malware
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 Suspicious.MH690.A
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -

Дополнительная информация
File size: 124928 bytes
MD5...: efb23688c0132d7fea66bcb79ad7e383
SHA1..: 1ac8bb94919d7319260313994f8d7edf6298d4a7
SHA256: 8c87381aff84664d84eb160e2c1db4ff96ce620299cebd1e1b 566eb15a146456
ssdeep: 1536:SIoXVBOlxvrSXsxhcXw+NeRqk3WZFfPMCVUli9FlH/FzZ9bKG8TIKnY56OU
MhyHr:oXzXBNEeZFXMto9FlHXxKG8TIipHKP
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...456-1249306309

Файл avz00002.dta получен 2009.08.03 13:32:20 (UTC)
Текущий статус: закончено
Результат: 13/41 (31.71%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.03 Net-Worm.Win32.Kolab!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 -
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 Injector.FF
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1850 2009.08.03 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.33045
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 Net-Worm.Win32.Kolab.dft
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 Net-Worm.Win32.Kolab
Jiangmin 11.0.800 2009.08.03 Worm/Kolab.ro
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 Net-Worm.Win32.Kolab.dft
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 Artemis!8E10307F9B48
McAfee-GW-Edition 6.8.5 2009.08.03 -
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 Win32/Injector.UR
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.03 -
PCTools 4.4.2.0 2009.08.03 -
Prevx 3.0 2009.08.03 High Risk Cloaked Malware
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 Net-Worm.Win32.Kolab.deo
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -

Дополнительная информация
File size: 84992 bytes
MD5...: 8e10307f9b4879a45b86ddda9ab74884
SHA1..: 8f4c38ba2059a87cdcf5ff7e5027dbffa1b01c8c
SHA256: aa531a0162ff09b4219259988a81a684e0b8c3523159a97c9d 828ceb4f7bc31b
ssdeep: 1536:C+YDy1fv/pHysT4II5UgVM7b9jA3UHvdNZMmcOr2MXlG:CnyhvBywPgVM7b
FqyVNZME1XlG
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...31b-1249306340

**senyak** · 05.08.2009, 00:04

Файл load.exe получен 2009.08.04 20:04:22 (UTC)
Текущий статус: закончено
Результат: 4/41 (9.76%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
Avast 4.8.1335.0 2009.08.04 -
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
Comodo 1865 2009.08.04 -
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
GData 19 2009.08.04 -
Ikarus T3.1.1.64.0 2009.08.04 -
Jiangmin 11.0.800 2009.08.04 Trojan/Agent.cqwr
K7AntiVirus 7.10.810 2009.08.04 -
Kaspersky 7.0.0.125 2009.08.04 Trojan.Win32.Inject.ahfu
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
McAfee-GW-Edition 6.8.5 2009.08.04 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Tr ojan.B
Microsoft 1.4903 2009.08.04 -
NOD32 4306 2009.08.04 Win32/Oficla.D
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
Sophos 4.44.0 2009.08.04 -
Sunbelt 3.2.1858.2 2009.08.04 -
Symantec 1.4.4.12 2009.08.04 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -

Дополнительная информация
File size: 19456 bytes
MD5...: 3a96e2c81dfe1e59bb805e0496fe4469
SHA1..: 70e8c60a07752d4c68f37f832e08f84d1c33d491
SHA256: f5a40dbe7b81c5b5d703481d6169f4cec5edaf3c7a40d1b23d a528f4100d103d
ssdeep: 384:1C5Km3pW2PFV9JKAQjfiKQYXnH22wtEWZCF:1C5KmZhrKz jaDQUy
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...03d-1249416262

Файл pdf.pdf получен 2009.08.04 20:04:46 (UTC)
Текущий статус: закончено
Результат: 7/41 (17.08%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
Avast 4.8.1335.0 2009.08.04 JS:Pdfka-MM
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
Comodo 1865 2009.08.04 Exploit.JS.Agent.~AB
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
GData 19 2009.08.04 JS:Pdfka-MM
Ikarus T3.1.1.64.0 2009.08.04 -
Jiangmin 11.0.800 2009.08.04 -
K7AntiVirus 7.10.810 2009.08.04 -
Kaspersky 7.0.0.125 2009.08.04 -
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
McAfee-GW-Edition 6.8.5 2009.08.04 Exploit.PDF.Recursedecrypt.gen
Microsoft 1.4903 2009.08.04 -
NOD32 4306 2009.08.04 -
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
Sophos 4.44.0 2009.08.04 Mal/PdfEx-C
Sunbelt 3.2.1858.2 2009.08.04 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.08.04 Bloodhound.Exploit.196
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -

Дополнительная информация
File size: 2959 bytes
MD5...: 737579946352e88a6cb5d54ec102f566
SHA1..: 6853889e94b032db748edd5861b68d75258e30a2
SHA256: cfe1749cf2954e45c84bf75dd2fea339555b259d78bb542d51 2299cbe50bc260
ssdeep: 48:FuENYPNRgS+K5vkwzjYHSDTqG3LMlUJ7IAOBvod0rLNvSOC hWAdXYCOzZzEDN
Kf6:cENY1RgNK5swzz+G3wOJ8tpod+qOChdD
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -

http://www.virustotal.com/ru/analisi...260-1249416286

**senyak** · 07.08.2009, 02:15

Файл update.exe получен 2009.08.06 10:00:53 (UTC)
Текущий статус: закончено
Результат: 22/41 (53.66%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Bredolab!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/Downloader.30208.BX
AntiVir 7.9.0.240 2009.08.06 BDS/Zdoogu.FA
Antiy-AVL 2.0.3.7 2009.08.05 Backdoor/Win32.Zdoogu.gen
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 SHeur2.AUGF
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 TrojWare.Win32.TrojanSpy.Zbot.~GAI
DrWeb 5.0.0.12182 2009.08.06 -
eSafe 7.0.17.0 2009.08.05 Suspicious File
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 Backdoor.Win32.Zdoogu.fa
Fortinet 3.120.0.0 2009.08.06 W32/Zdoogu.FA!tr.bdr
GData 19 2009.08.06 -
Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Bredolab
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 Backdoor.Win32.Zdoogu.fa
McAfee 5699 2009.08.05 -
McAfee+Artemis 5699 2009.08.05 Artemis!424760B62B81
McAfee-GW-Edition 6.8.5 2009.08.06 Trojan.Backdoor.Zdoogu.FA
Microsoft 1.4903 2009.08.06 TrojanDownloader:Win32/Bredolab.X
NOD32 4311 2009.08.06 a variant of Win32/Kryptik.ZY
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 Backdoor/W32.Zdoogu.30208.B
Panda 10.0.0.14 2009.08.05 Trj/CI.A
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 High Risk Cloaked Malware
Rising 21.41.32.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan
Symantec 1.4.4.12 2009.08.06 Packed.Generic.235
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -

Дополнительная информация

File size: 30208 bytes
MD5...: 424760b62b811166b318e1200734be32
SHA1..: d1e2f80afdcd407eba63943cca789d3be075a484
SHA256: 6b4e3937cca31eca5b1b724ac27eccdd9a62f273b1f4668ceb e909a9da36eb90
ssdeep: 384:91+mSCAkKT0W8kVuAxNVtqfUVas0cW/87GD+XECSQSuuQQYcMsmhCSd4jdeg
bRe/:98/rRbtq9QWk7GDz30QYJBGjjbpG5
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...b90-1249552853

Файл xpdeluxe.exe получен 2009.08.06 10:01:34 (UTC)
Текущий статус: закончено
Результат: 24/41 (58.54%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Trojan.Win32.FakeRean!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/FakeAlert.1225728
AntiVir 7.9.0.240 2009.08.06 TR/FakeRean.A.45
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 Win32:Fraudo
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 ApplicUnwnt.Win32.FraudTool.XPDeluxeProtector.~B
DrWeb 5.0.0.12182 2009.08.06 -
eSafe 7.0.17.0 2009.08.05 Win32.TrojanFakeRean
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 FraudTool.Win32.XPDeluxeProtector.e
Fortinet 3.120.0.0 2009.08.06 W32/FakeAlert.D!tr
GData 19 2009.08.06 Win32:Fraudo
Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.FakeRean
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.08.06 not-a-virus:FraudTool.Win32.XPDeluxeProtector.e
McAfee 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee+Artemis 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Worm.Wangy.H
Microsoft 1.4903 2009.08.06 Trojan:Win32/FakeRean
NOD32 4311 2009.08.06 Win32/Adware.WinPCDefender
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 Trj/CI.A
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 High Risk Cloaked Malware
Rising 21.41.32.00 2009.08.06 Trojan.Win32.FakeVir.rd
Sophos 4.44.0 2009.08.06 Mal/EncPk-IF
Sunbelt 3.2.1858.2 2009.08.05 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.08.06 Packed.Generic.233
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 Trojan.FakeRean.Gen

Дополнительная информация
File size: 1225728 bytes
MD5...: 307e6d02ed26ff516827c6469401456e
SHA1..: 2b04ca909c2f862b8c730f4ff89be4edaa3a5673
SHA256: f1234e05df628d43db8b41e92b4ceac19a1bd9996ced88ab94 c7383d7772ea09
ssdeep: 24576:0kZ67bkLe3HCGB5agRMvvsknKfqLYC1WEFNIcypeWWqx apxRd1+0:V67bY
4sgRKTnAXWNPdD
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...a09-1249552894

Добавлено через 28 минут

Только что у себя выцепил эти два файлика. Чет хотели мне наделать

Файл avz00001.dta получен 2009.08.06 10:15:14 (UTC)
Текущий статус: закончено
Результат: 11/41 (26.83%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Trojan.Win32.Refroso!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 Trojan/Win32.Refroso.gen
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 Generic14.PPK
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
DrWeb 5.0.0.12182 2009.08.06 Trojan.MulDrop.33183
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.Refroso
Jiangmin 11.0.800 2009.08.06 Trojan/Refroso.fv
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
McAfee+Artemis 5699 2009.08.05 Artemis!4FF8880DC2FF
McAfee-GW-Edition 6.8.5 2009.08.06 -
Microsoft 1.4903 2009.08.06 VirTool:Win32/Injector.gen!AD
NOD32 4311 2009.08.06 -
Norman 6.01.09 2009.08.06 W32/Malware
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 -
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 Medium Risk Malware
Rising 21.41.32.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.05 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 Trojan-Downloader.Win32.Agent.ckvv
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -

Дополнительная информация

File size: 300032 bytes
MD5 : 4ff8880dc2ff94dd6d04e16b18d7c073
SHA1 : 294a06c988efc569a4165e56e6092a765f8c2c4c
SHA256: a88eda6dd4c1096bacd6ecc1170e4a71349b6f94e66b23ac6b ce7d25ed5905e6
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x439A
timedatestamp.....: 0x4A6FBC08 (Wed Jul 29 05:03:36 2009)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x357E 0x3600 5.76 6eaaccffcc4851eee5cf1357ee38bba1
.rdata 0x5000 0x8BA 0xA00 4.74 cf673cbdc6fd492858e8da108b3743da
.data 0x6000 0xB74 0x800 6.12 9cf3a4d11527acea903610620162d3e2
.rsrc 0x7000 0x44780 0x44800 7.78 f8e0f63f93948b8b5eed39e6a0a3886f

http://www.virustotal.com/ru/analisi...5e6-1249553714

Файл 85.rar получен 2009.08.06 10:34:49 (UTC)
Текущий статус: закончено
Результат: 9/41 (21.96%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Spammer!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 SHeur2.AUTZ
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
DrWeb 5.0.0.12182 2009.08.06 Trojan.Spambot.3531
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
Ikarus T3.1.1.64.0 2009.08.06 Spammer
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
McAfee+Artemis 5699 2009.08.05 Artemis!5A62D71884FA
McAfee-GW-Edition 6.8.5 2009.08.06 -
Microsoft 1.4903 2009.08.06 Spammer:Win32/Tedroo.I
NOD32 4311 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 Trj/CI.A
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 -
Rising 21.41.32.00 2009.08.06 Unknown Win32 Virus
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -

Дополнительная информация

File size: 45501 bytes
MD5...: 51cec740816a99f5cd1171243f74f9ae
SHA1..: cd1c8244cee634d88f6d274130aeaa604af4d059
SHA256: 92e71c4abb60c51bd5e197148d22512a3fcc83e87eade49958 784c4ff3b1315d
ssdeep: 768:az2T5ey7hQKBauUNuOkPnkUu6M6aNvoVpgRwVmHuG3Tqc/KiLUO/10VAQ987
yw04:K2IIouOSkUudwVORbTjj7LU616AD7304
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...15d-1249554889

Добавлено через 4 часа 26 минут

Еще какая-то гадость сидела в папке Windows

Файл tapi.nfo получен 2009.08.06 15:00:28 (UTC)
Текущий статус: закончено
Результат: 14/41 (34.15%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Small!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 TR/Dldr.Small.alyr
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 Downloader.Generic8.BFZA
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1887 2009.08.06 -
DrWeb 5.0.0.12182 2009.08.06 -
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 Trojan-Downloader.Win32.Small.alyr
Fortinet 3.120.0.0 2009.08.06 W32/Small.ALYR!tr.dldr
GData 19 2009.08.06 -
Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Small
Jiangmin 11.0.800 2009.08.06 TrojanDownloader.Small.amya
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 Trojan-Downloader.Win32.Small.alyr
McAfee 5699 2009.08.05 -
McAfee+Artemis 5699 2009.08.05 Artemis!AED17B841272
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Win32.Small.L
Microsoft 1.4903 2009.08.06 -
NOD32 4312 2009.08.06 Win32/Oficla.A
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 Trj/CI.A
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.06 -
Rising 21.41.34.00 2009.08.06 Trojan.DL.Win32.Undef.gds
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.06 SecurityRisk.Downldr
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -

Дополнительная информация
File size: 24576 bytes
MD5...: aed17b841272d835657a5c32f18e7046
SHA1..: c02cbfa8887016e74bb46dcafae238b4a5b7764a
SHA256: a704cf809922c83764c9575520237b746bca99dc373a908156 9515b158823f6a
ssdeep: 384:5JtXqCog7f+9A31rhs+OgQN0On16SZTXkGT5:/QCV7W9Q5hs+uyO16Irp
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...f6a-1249570828

Добавлено через 7 часов 16 минут

Файл VK.exe получен 2009.08.06 22:18:58 (UTC)
Текущий статус: закончено
Результат: 11/41 (26.83%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.06 Trojan.BAT.Agent!IK
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.06 Trojan.Hosts.52
eSafe 7.0.17.0 2009.08.06 Suspicious File
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 Trojan.BAT.Qhost.eu
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 Trojan.BAT.Agent
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.06 Trojan.BAT.Qhost.eu
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92
Microsoft 1.4903 2009.08.06 Trojan:Win32/Qhost.AY
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.06 Sus/Dropper-A
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 PAK_Generic.001
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -

Дополнительная информация
File size: 19968 bytes
MD5...: 55555d8215040c839dcfc2dc1f6da85e
SHA1..: facd21a1be7ac500d2b46826b5fdbaf137f9de3b
SHA256: bd2776b7e17307c480158cfed0c0c3e58a131e7fe78bacfc10 938f2541429f9c
ssdeep: 384:4I38pS558OMoXvzRpKAQ9iJs3s/C20qEMu5OcZvjMaNJawcudoD7URm7P:4I
LpMSTQ9G1xhENBFnbcuyD7UW
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...f9c-1249597138

Исследование антивирусов 7

Опции темы

Похожие темы

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 4

Исследование антивирусов 3

Исследование антивирусов 2

Метки для этой темы

Ваши права в разделе