Исследование антивирусов 7

[senyak]

Файл D6513f8c3.exe получен 2009.08.18 09:15:26 (UTC)
Текущий статус: закончено
Результат: 17/41 (41.47%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.18 Trojan-Downloader.Win32.Bredolab!IK
AhnLab-V3 5.0.0.2 2009.08.18 Win-Trojan/Bredolab.37888.D
AntiVir 7.9.1.1 2009.08.18 -
Antiy-AVL 2.0.3.7 2009.08.18 -
Authentium 5.1.2.4 2009.08.18 W32/Bredolab.H
Avast 4.8.1335.0 2009.08.17 -
AVG 8.5.0.406 2009.08.18 Injector.FG
BitDefender 7.2 2009.08.18 Trojan.Downloader.Bredolab.U
CAT-QuickHeal 10.00 2009.08.18 -
ClamAV 0.94.1 2009.08.18 -
Comodo 2009 2009.08.18 -
DrWeb 5.0.0.12182 2009.08.18 Trojan.Botnetlog.11
eSafe 7.0.17.0 2009.08.17 -
eTrust-Vet 31.6.6683 2009.08.18 -
F-Prot 4.4.4.56 2009.08.18 W32/Bredolab.H
F-Secure 8.0.14470.0 2009.08.18 -
Fortinet 3.120.0.0 2009.08.18 -
GData 19 2009.08.18 Trojan.Downloader.Bredolab.U
Ikarus T3.1.1.68.0 2009.08.18 Trojan-Downloader.Win32.Bredolab
Jiangmin 11.0.800 2009.08.18 -
K7AntiVirus 7.10.820 2009.08.17 -
Kaspersky 7.0.0.125 2009.08.18 Backdoor.Win32.Bredolab.hi
McAfee 5712 2009.08.17 -
McAfee+Artemis 5712 2009.08.17 Artemis!0F94ECC9F6D7
McAfee-GW-Edition 6.8.5 2009.08.18 -
Microsoft 1.4903 2009.08.18 TrojanDownloader:Win32/Bredolab.X
NOD32 4344 2009.08.18 a variant of Win32/Kryptik.AEU
Norman 6.01.09 2009.08.17 -
nProtect 2009.1.8.0 2009.08.18 -
Panda 10.0.0.14 2009.08.17 Trj/CI.A
PCTools 4.4.2.0 2009.08.17 -
Prevx 3.0 2009.08.18 -
Rising 21.43.11.00 2009.08.18 Unknown Win32 Virus
Sophos 4.44.0 2009.08.18 Mal/Behav-340
Sunbelt 3.2.1858.2 2009.08.18 -
Symantec 1.4.4.12 2009.08.18 Packed.Generic.243
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.18 -
VBA32 3.12.10.9 2009.08.18 -
ViRobot 2009.8.18.1888 2009.08.18 -
VirusBuster 4.6.5.0 2009.08.17 -

Дополнительная информация
File size: 37888 bytes
MD5...: 0f94ecc9f6d7f6b95f9f2ef03064322b
SHA1..: 47406ca931d2f11f97c7f324893256ce44dcb694
SHA256: 757b2224a172d66a7f701771445b778a0bdb83b07689e9e542 32268ba34523ee
ssdeep: 768wMA6Qfjjk1rtfWxMm3xP1mETgHZUx84bTZAjSLy63:dZujkpWx xP19+ZEZ
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...3ee-1250586926

Добавлено через 10 часов 29 минут

Файл foto20.scr получен 2009.08.18 19:45:10 (UTC)
Текущий статус: закончено
Результат: 15/41 (36.59%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.18 Riskware.Win32.Injector!IK
AhnLab-V3 5.0.0.2 2009.08.18 -
AntiVir 7.9.1.3 2009.08.18 DR/Delphi.Gen
Antiy-AVL 2.0.3.7 2009.08.18 -
Authentium 5.1.2.4 2009.08.18 -
Avast 4.8.1335.0 2009.08.17 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.18 Dropper.Agent.NXB
BitDefender 7.2 2009.08.18 -
CAT-QuickHeal 10.00 2009.08.18 -
ClamAV 0.94.1 2009.08.18 -
Comodo 2014 2009.08.18 -
DrWeb 5.0.0.12182 2009.08.18 Trojan.MulDrop.30762
eSafe 7.0.17.0 2009.08.18 -
eTrust-Vet 31.6.6685 2009.08.18 -
F-Prot 4.4.4.56 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.18 Trojan-Dropper.Win32.Agent.balg
Fortinet 3.120.0.0 2009.08.18 -
GData 19 2009.08.18 Win32:Trojan-gen {Other}
Ikarus T3.1.1.68.0 2009.08.18 VirTool.Win32.Injector
Jiangmin 11.0.800 2009.08.18 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 7.0.0.125 2009.08.18 Trojan-Dropper.Win32.Agent.balg
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 Artemis!DDE1A0399B8B
McAfee-GW-Edition 6.8.5 2009.08.18 Trojan.Dropper.Delphi.Gen
Microsoft 1.4903 2009.08.18 VirTool:Win32/Injector.gen!Z
NOD32 4346 2009.08.18 a variant of Win32/Injector.WY
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.18 -
Panda 10.0.0.14 2009.08.18 Trj/CI.A
PCTools 4.4.2.0 2009.08.18 -
Prevx 3.0 2009.08.18 -
Rising 21.43.14.00 2009.08.18 -
Sophos 4.44.0 2009.08.18 -
Sunbelt 3.2.1858.2 2009.08.18 -
Symantec 1.4.4.12 2009.08.18 Suspicious.MH690.A
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.18 -
VBA32 3.12.10.9 2009.08.18 -
ViRobot 2009.8.18.1889 2009.08.18 -
VirusBuster 4.6.5.0 2009.08.18 -

Дополнительная информация
File size: 255488 bytes
MD5...: dde1a0399b8bc55b12e82d3ff4fc2639
SHA1..: 6951a2e208d5d9cffdea80a0d80069df43f084a4
SHA256: 639588febe1c84896d20506be659a3e34db2254d89171f934b fe52740b6fd26a
ssdeep: 6144:nkwVMPJO3WKxzwo6wy6G/EmCGWYogcavy5qSGDN8TwYUJIZs62d:neSjNwN
wtdmCGrZy5DTMJIZsjd
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...26a-1250624710

[valho]

File qip.exe received on 2009.08.18 20:05:57 (UTC)
Current status: finished
Result: 16/41 (39.03%)

a-squared 4.5.0.24 2009.08.18 Virus.Win32.Induc!IK
AhnLab-V3 5.0.0.2 2009.08.18 -
AntiVir 7.9.1.3 2009.08.18 W32/Induc.A
Antiy-AVL 2.0.3.7 2009.08.18 Virus/Win32.Induc
Authentium 5.1.2.4 2009.08.18 -
Avast 4.8.1335.0 2009.08.17 -
AVG 8.5.0.406 2009.08.18 -
BitDefender 7.2 2009.08.18 -
CAT-QuickHeal 10.00 2009.08.18 -
ClamAV 0.94.1 2009.08.18 -
Comodo 2014 2009.08.18 -
DrWeb 5.0.0.12182 2009.08.18 Win32.Induc
eSafe 7.0.17.0 2009.08.18 -
eTrust-Vet 31.6.6685 2009.08.18 -
F-Prot 4.4.4.56 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.18 Virus.Win32.Induc.a
Fortinet 3.120.0.0 2009.08.18 -
GData 19 2009.08.18 -
Ikarus T3.1.1.68.0 2009.08.18 Virus.Win32.Induc
Jiangmin 11.0.800 2009.08.18 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 7.0.0.125 2009.08.18 Virus.Win32.Induc.a
McAfee 5713 2009.08.18 W32/Induc
McAfee+Artemis 5713 2009.08.18 W32/Induc
McAfee-GW-Edition 6.8.5 2009.08.18 Win32.Induc.A
Microsoft 1.4903 2009.08.18 Virus:Win32/Induc.A
NOD32 4346 2009.08.18 a variant of Win32/Induc.A
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.18 -
Panda 10.0.0.14 2009.08.18 Suspicious file
PCTools 4.4.2.0 2009.08.18 -
Prevx 3.0 2009.08.18 Medium Risk Malware
Rising 21.43.14.00 2009.08.18 -
Sophos 4.44.0 2009.08.18 W32/Induc-A
Sunbelt 3.2.1858.2 2009.08.18 -
Symantec 1.4.4.12 2009.08.18 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.18 -
VBA32 3.12.10.9 2009.08.18 -
ViRobot 2009.8.18.1889 2009.08.18 -
VirusBuster 4.6.5.0 2009.08.18 Virus.Win32.Induc

Additional information
File size: 3281408 bytes
MD5...: 8b47125b2ccadcddd45ed8dd53c7dcf2
SHA1..: 9f6c4aff36669b591905180dd2e5c5706ae29edb
SHA256: 3a99d3df2b1461456c1962c00b3f831c795d427d6475a6b92f 145c3aafc1f2cc
ssdeep: 49152:63/FrwrF+ORrT8XkirH2cAk2bhDNzgb4yz8UGDsTDy1/Qzf9am:63Nrwx+
orT8XktZk2bDzLPVDZ1/Q9
PEiD..: -
TrID..: File type identification
InstallShield setup (37.7%)
Win32 EXE PECompact compressed (generic) (36.4%)
Win32 Executable Delphi generic (12.8%)
Win32 Executable Generic (7.4%)
Win16/32 Executable Delphi generic (1.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2951b8
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

Prevx info: http://info.prevx.com/aboutprogramte...18C4007D4D7751

[senyak]

Файл Avira-Key-FinderV2.00.exe получен 2009.08.19 20:32:39 (UTC)
Текущий статус: закончено
Результат: 17/41 (41.47%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.19 Trojan-Dropper.Win32.Hupigon!IK
AhnLab-V3 5.0.0.2 2009.08.19 -
AntiVir 7.9.1.3 2009.08.19 BDS/Bifrose.fqs.2
Antiy-AVL 2.0.3.7 2009.08.18 Backdoor/Win32.Bifrose.gen
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.19 -
AVG 8.5.0.406 2009.08.19 Agent.4.AP
BitDefender 7.2 2009.08.19 -
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 -
Comodo 2026 2009.08.19 -
DrWeb 5.0.0.12182 2009.08.19 BackDoor.Bifrost.8
eSafe 7.0.17.0 2009.08.19 -
eTrust-Vet 31.6.6687 2009.08.19 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.19 Backdoor.Win32.Bifrose.fqs
Fortinet 3.120.0.0 2009.08.19 -
GData 19 2009.08.19 -
Ikarus T3.1.1.68.0 2009.08.19 Trojan-Dropper.Win32.Hupigon
Jiangmin 11.0.800 2009.08.19 Backdoor/Agent.cidw
K7AntiVirus 7.10.822 2009.08.19 -
Kaspersky 7.0.0.125 2009.08.19 Backdoor.Win32.Bifrose.fqs
McAfee 5714 2009.08.19 BackDoor-CEP.gen.am
McAfee+Artemis 5714 2009.08.19 Suspect-29!84420B71249B
McAfee-GW-Edition 6.8.5 2009.08.19 Heuristic.BehavesLike.Win32.Dropper.H
Microsoft 1.4903 2009.08.19 -
NOD32 4349 2009.08.19 -
Norman 6.01.09 2009.08.19 -
nProtect 2009.1.8.0 2009.08.19 -
Panda 10.0.0.14 2009.08.19 Trj/CI.A
PCTools 4.4.2.0 2009.08.19 -
Prevx 3.0 2009.08.19 High Risk System Back Door
Rising 21.43.24.00 2009.08.19 Backdoor.Win32.Mnless.clm
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 1.4.4.12 2009.08.19 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 3.12.10.9 2009.08.19 Backdoor.Win32.Bifrose.fqs
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 4.6.5.0 2009.08.19 Backdoor.Bifrose.AHHB

Дополнительная информация
File size: 253304 bytes
MD5...: 84420b71249baef0d642dc1384cbd2bb
SHA1..: 0f845978132c80998bffc2c54ab759daa93336f9
SHA256: 5baca7bc80efb19bb87ea517bf07dfdd6687ab8a35bb0567bc 89ce848a72a115
ssdeep: 3072:uwxVMhOC/dTDbq91+mno3t4QZQ3rVbpMgAITNzYpvGUJ9ROfr7w4lh+vC9Y
zDOCj:uTfFDbRnOTrVbpMQTQbUz7ww+6nF3k
PEiD..: -
TrID..: File type identification
WinRAR Self Extracting archive (96.2%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Generic Win/DOS Executable (0.3%)
DOS Executable Generic (0.3%)
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...115-1250713959

Добавлено через 1 час 49 минут

Файл VK_golosa_v3.8.bat получен 2009.08.19 22:02:36 (UTC)
Текущий статус: закончено
Результат: 15/41 (36.59%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.19 Trojan.BAT.Qhost!IK
AhnLab-V3 5.0.0.2 2009.08.19 BAT/Vkhost
AntiVir 7.9.1.3 2009.08.19 -
Antiy-AVL 2.0.3.7 2009.08.18 Trojan/BAT.Qhost
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.19 -
AVG 8.5.0.406 2009.08.19 Hosts
BitDefender 7.2 2009.08.19 Trojan.Script.155885
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 Trojan.BAT.Qhost-4
Comodo 2026 2009.08.19 TrojWare.BAT.Qhost.ej
DrWeb 5.0.0.12182 2009.08.19 BAT.Hosts.20
eSafe 7.0.17.0 2009.08.19 -
eTrust-Vet 31.6.6688 2009.08.19 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.19 Trojan.BAT.Qhost.ej
Fortinet 3.120.0.0 2009.08.19 Adware/ChangeHost
GData 19 2009.08.19 Trojan.Script.155885
Ikarus T3.1.1.68.0 2009.08.19 Trojan.BAT.Qhost
Jiangmin 11.0.800 2009.08.19 -
K7AntiVirus 7.10.822 2009.08.19 -
Kaspersky 7.0.0.125 2009.08.19 Trojan.BAT.Qhost.ej
McAfee 5714 2009.08.19 -
McAfee+Artemis 5714 2009.08.19 -
McAfee-GW-Edition 6.8.5 2009.08.19 -
Microsoft 1.4903 2009.08.19 -
NOD32 4349 2009.08.19 BAT/Qhost.NCB
Norman 6.01.09 2009.08.19 -
nProtect 2009.1.8.0 2009.08.19 -
Panda 10.0.0.14 2009.08.19 -
PCTools 4.4.2.0 2009.08.19 -
Prevx 3.0 2009.08.19 -
Rising 21.43.24.00 2009.08.19 -
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 1.4.4.12 2009.08.19 Trojan Horse
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 3.12.10.9 2009.08.19 -
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 4.6.5.0 2009.08.19 -

Дополнительная информация
File size: 13610 bytes
MD5...: adc8fd6a2ae4e11c749445bf4bf94b7d
SHA1..: 9c88c0acb43d9126d38c98b58e356c6d698b7a3b
SHA256: a9da4d47a8b9dbd36e89bd241876cccb3861d22e092e7144aa 36d96dc151b698
ssdeep: 384:QQ705SlCsVmvNocg9CJi+xJ22z+HgDRqcxjuXoKJD44fYp M5UtzU0B1Y3DQa
QVSz:QQ705SlCsVmvNocg9CJi+xJ22z+HgDRu
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...698-1250719356

[senyak]

Файл Rat.exe получен 2009.08.20 17:16:49 (UTC)
Текущий статус: закончено
Результат: 8/41 (19.51%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.20 Riskware.Win32.Vbinder!IK
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 Win32:VB-NBM
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 Gen:Trojan.Heur.fm0@drDLEchi
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2036 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 BackDoor.Poison.686
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 Gen:Trojan.Heur.fm0@drDLEchi
Ikarus T3.1.1.68.0 2009.08.20 VirTool.Win32.Vbinder
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 VirTool:Win32/VBInject.gen!BW
NOD32 4352 2009.08.20 a variant of Win32/Injector.WN
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Дополнительная информация
File size: 86016 bytes
MD5 : 95412a6164bc854d1390cd796ef0fb60
SHA1 : 1ebf27edb2e4aa54dbc0c2f4201ffee530da5136
SHA256: 041c5b0f7e25a66f9312199aefbc74f73a5380eca8f1eab01f ece461fa6b84be
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10E4
timedatestamp.....: 0x4A85A8AC (Fri Aug 14 20:10:52 2009)
machinetype.......: 0x14C (Intel I386)

http://www.virustotal.com/ru/analisi...4be-1250788609




Файл StartServ.exe получен 2009.08.20 17:17:10 (UTC)
Текущий статус: закончено
Результат: 9/41 (21.95%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.20 Riskware.Win32.Vbinder!IK
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 Win32:VB-NBM
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 Gen:Trojan.Heur.nm0@sOSvuZgi
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2036 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 Trojan.PWS.Multi.75
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 Gen:Trojan.Heur.nm0@sOSvuZgi
Ikarus T3.1.1.68.0 2009.08.20 VirTool.Win32.Vbinder
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 Heuristic.LooksLike.Trojan.Refroso.Awi.H
Microsoft 1.4903 2009.08.20 VirTool:Win32/VBInject.gen!BW
NOD32 4352 2009.08.20 a variant of Win32/Injector.WN
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Дополнительная информация
File size: 217088 bytes
MD5 : 79aec5d1f68efcc305c8448be8cd5865
SHA1 : bf98d92dee1ac5bbb5982a9e2384977c90c108e0
SHA256: fd2d42c44eb4493b20ea47366111bd20d33200bec4d99b262a ff75633f32da85
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10E4
timedatestamp.....: 0x4A84EE6B (Fri Aug 14 06:56:11 2009)
machinetype.......: 0x14C (Intel I386)

http://www.virustotal.com/ru/analisi...a85-1250788630

[valho]

File vk.exe received on 2009.08.23 00:26:29 (UTC)
Current status: finished
Result: 7/41 (17.08%)

a-squared 4.5.0.24 2009.08.22 Trojan.Win32.Buzus!IK
AhnLab-V3 5.0.0.2 2009.08.21 -
AntiVir 7.9.1.3 2009.08.21 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.08.21 -
Authentium 5.1.2.4 2009.08.22 -
Avast 4.8.1335.0 2009.08.22 -
AVG 8.5.0.406 2009.08.22 -
BitDefender 7.2 2009.08.23 -
CAT-QuickHeal 10.00 2009.08.22 -
ClamAV 0.94.1 2009.08.22 -
Comodo 2063 2009.08.23 -
DrWeb 5.0.0.12182 2009.08.23 Trojan.DownLoad.41341
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6694 2009.08.21 -
F-Prot 4.4.4.56 2009.08.22 -
F-Secure 8.0.14470.0 2009.08.23 -
Fortinet 3.120.0.0 2009.08.22 -
GData 19 2009.08.23 -
Ikarus T3.1.1.68.0 2009.08.22 Trojan.Win32.Buzus
Jiangmin 11.0.800 2009.08.21 -
K7AntiVirus 7.10.825 2009.08.22 -
Kaspersky 7.0.0.125 2009.08.23 Trojan.Win32.Buzus.bvrg
McAfee 5717 2009.08.22 -
McAfee+Artemis 5717 2009.08.22 Suspect-29!A1FF39154E38
McAfee-GW-Edition 6.8.5 2009.08.22 Trojan.Dropper.Gen
Microsoft 1.4903 2009.08.22 -
NOD32 4359 2009.08.22 -
Norman 6.01.09 2009.08.21 -
nProtect 2009.1.8.0 2009.08.22 -
Panda 10.0.0.14 2009.08.22 -
PCTools 4.4.2.0 2009.08.22 -
Prevx 3.0 2009.08.23 -
Rising 21.43.50.00 2009.08.22 -
Sophos 4.44.0 2009.08.22 -
Sunbelt 3.2.1858.2 2009.08.22 -
Symantec 1.4.4.12 2009.08.23 -
TheHacker 6.3.4.3.386 2009.08.22 -
TrendMicro 8.950.0.1094 2009.08.22 -
VBA32 3.12.10.9 2009.08.23 -
ViRobot 2009.8.22.1897 2009.08.22 -
VirusBuster 4.6.5.0 2009.08.22 -

Additional information
File size: 36699 bytes
MD5...: a1ff39154e384a4466b26273310eab8d
SHA1..: e4cdd4bc80c9a0a2d9d5f7dc03eb74f98695cc6a
SHA256: 7b0f5b716119791ae83b02eb945758976b8695f5362a5ad2de 8c2c7979d07cfa
ssdeep: 768:CVKpOHT9gseyDHlWZMnJGy9+4t7eh/tp0u+4:3ZMo6wB+4
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1088
timedatestamp.....: 0x4a8f3350 (Fri Aug 21 23:52:48 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x28b8 0x3000 4.49 bcd95f1c4d4b3a41c16358d27468375e
.data 0x4000 0x3c4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x5000 0x1000 0x1000 1.99 ea62b9a1b5caef3b58665c8382eac421

( 1 imports )
> MSVBVM60.DLL: -, DllFunctionCall, __vbaExceptHandler, -, -, -, ProcCallEngine, -, -, -, -, -

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-

[valho]

File VashBonus.exe received on 2009.08.24 22:41:28 (UTC)
Current status: finished
Result: 27/41 (65.86%)

a-squared 4.5.0.24 2009.08.24 Trojan-Banker.Win32.Banker!IK
AhnLab-V3 5.0.0.2 2009.08.24 -
AntiVir 7.9.1.3 2009.08.24 TR/Click.Delf.bzo
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.24 -
Avast 4.8.1335.0 2009.08.24 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.24 Clicker.XBG
BitDefender 7.2 2009.08.25 Trojan.Generic.1691387
CAT-QuickHeal 10.00 2009.08.24 TrojanClicker.Delf.bzo
ClamAV 0.94.1 2009.08.24 Trojan.Clicker-3215
Comodo 2080 2009.08.25 TrojWare.Win32.TrojanClicker.Delf.bzo
DrWeb 5.0.0.12182 2009.08.25 -
eSafe 7.0.17.0 2009.08.24 -
eTrust-Vet 31.6.6698 2009.08.24 -
F-Prot 4.4.4.56 2009.08.24 -
F-Secure 8.0.14470.0 2009.08.24 Trojan-Clicker.Win32.Delf.bzo
Fortinet 3.120.0.0 2009.08.24 Adware/Delf
GData 19 2009.08.25 Trojan.Generic.1691387
Ikarus T3.1.1.68.0 2009.08.24 Trojan-Banker.Win32.Banker
Jiangmin 11.0.800 2009.08.23 -
K7AntiVirus 7.10.826 2009.08.24 Trojan-Clicker.Win32.Delf
Kaspersky 7.0.0.125 2009.08.24 Trojan-Clicker.Win32.Delf.bzo
McAfee 5719 2009.08.24 -
McAfee+Artemis 5719 2009.08.24 Artemis!CB7512439905
McAfee-GW-Edition 6.8.5 2009.08.24 Trojan.Click.Delf.cjk
Microsoft 1.4903 2009.08.24 -
NOD32 4364 2009.08.24 probably a variant of Win32/TrojanClicker.Delf
Norman 2009.08.24 W32/Delf.DGGA
nProtect 2009.1.8.0 2009.08.24 Trojan-Clicker/W32.Agent.1675264
Panda 10.0.0.14 2009.08.24 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.08.24 -
Prevx 3.0 2009.08.25 High Risk Worm
Rising 21.43.62.00 2009.08.24 -
Sophos 4.44.0 2009.08.24 Mal/Behav-053
Sunbelt 3.2.1858.2 2009.08.24 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.08.25 Trojan Horse
TheHacker 6.3.4.3.386 2009.08.22 Trojan/Clicker.Delf.bzo
TrendMicro 8.950.0.1094 2009.08.24 -
VBA32 3.12.10.9 2009.08.24 Trojan-Clicker.Win32.Delf.bzo
ViRobot 2009.8.24.1899 2009.08.24 -
VirusBuster 4.6.5.0 2009.08.24 Trojan.CL.Delf.CQXH

Additional information
File size: 1675264 bytes
MD5...: cb75124399057819a8262fda0bcabd8b
SHA1..: 2dbc57848ba77c5b329b7c18a0949d38673421fa
SHA256: 38b30ed40e6c28326b641dbdda9f246b705a4b5790f8d6a6e3 677d4c320fee51
ssdeep: 24576:D2DMNBZzRTYHcagijozx7uC29IbnxHxLRhzMoYRuYW5e NOtvsBxMl1yGsz
O:qD47zne2LbnL9hYRWlVl1yp
PEiD..: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Borland Delphi 7 (44.7%)
Win32 Executable Borland Delphi 5 (30.1%)
Win32 Executable Borland Delphi 6 (17.5%)
InstallShield setup (2.8%)
Win32 EXE PECompact compressed (generic) (2.7%)
http://info.prevx.com/aboutprogramte...2727003263DAC7

File ___________.exe received on 2009.08.24 22:42:35 (UTC)
Current status: finished
Result: 9/40 (22.5%)

AhnLab-V3 5.0.0.2 2009.08.24 -
AntiVir 7.9.1.3 2009.08.24 TR/Click.Delf.cjk
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.24 -
Avast 4.8.1335.0 2009.08.24 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.24 -
BitDefender 7.2 2009.08.25 -
CAT-QuickHeal 10.00 2009.08.24 -
ClamAV 0.94.1 2009.08.24 -
Comodo 2079 2009.08.25 -
DrWeb 5.0.0.12182 2009.08.25 -
eSafe 7.0.17.0 2009.08.24 -
eTrust-Vet 31.6.6698 2009.08.24 -
F-Prot 4.4.4.56 2009.08.24 -
F-Secure 8.0.14470.0 2009.08.24 -
Fortinet 3.120.0.0 2009.08.24 -
GData 19 2009.08.25 Win32:Trojan-gen {Other}
Ikarus T3.1.1.68.0 2009.08.24 Trojan-PWS.Win32.QQShou
Jiangmin 11.0.800 2009.08.23 -
K7AntiVirus 7.10.826 2009.08.24 -
Kaspersky 7.0.0.125 2009.08.24 -
McAfee 5719 2009.08.24 -
McAfee+Artemis 5719 2009.08.24 Artemis!AA96B1FE23FE
McAfee-GW-Edition 6.8.5 2009.08.24 Trojan.Click.Delf.cjk
Microsoft 1.4903 2009.08.24 -
NOD32 4364 2009.08.24 probably a variant of Win32/TrojanClicker.Delf
Norman 2009.08.24 -
nProtect 2009.1.8.0 2009.08.24 -
Panda 10.0.0.14 2009.08.24 -
PCTools 4.4.2.0 2009.08.24 -
Prevx 3.0 2009.08.25 -
Rising 21.43.62.00 2009.08.24 -
Sophos 4.44.0 2009.08.24 Mal/Behav-053
Sunbelt 3.2.1858.2 2009.08.24 -
Symantec 1.4.4.12 2009.08.25 -
TheHacker 6.3.4.3.386 2009.08.22 -
TrendMicro 8.950.0.1094 2009.08.24 -
VBA32 3.12.10.9 2009.08.24 suspected of Embedded.Trojan-Clicker.Win32.Delf.ayt
ViRobot 2009.8.24.1899 2009.08.24 -
VirusBuster 4.6.5.0 2009.08.24 -

Additional information
File size: 1477632 bytes
MD5...: b39ad8ee0da88e83c1e1b5f85ccdc9f0
SHA1..: f84b6815ea403d9216bb3e89e8fcf4dfd01fe32c
SHA256: 5da01f0ac9dfa37fdbd068881690e3648e9e369c8a0fedb9d4 e5e7dd0fac8944
ssdeep: 24576:6eGfgyN4sHBN+Wp5Ccl1NH12YRuYW5eNOtvsBxMl1yGs zd0:6lV3Tp/jnR
WlVl1yp
PEiD..: -
RDS...: NSRL Reference Data Set
-
trid..: Win32 Executable Borland Delphi 7 (46.0%)
Win32 Executable Borland Delphi 5 (31.0%)
Win32 Executable Borland Delphi 6 (18.0%)
Win32 EXE PECompact compressed (generic) (2.8%)
Win32 Executable Delphi generic (1.0%)
pdfid.: -

File _________________.exe received on 2009.08.24 22:43:49 (UTC)
Current status: finished
Result: 11/40 (27.5%)

a-squared 4.5.0.24 2009.08.24 Trojan-PWS.Win32.QQShou!IK
AhnLab-V3 5.0.0.2 2009.08.24 -
AntiVir 7.9.1.3 2009.08.24 TR/Click.Delf.cjk
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.24 -
Avast 4.8.1335.0 2009.08.24 Win32:Trojan-gen {Other}
BitDefender 7.2 2009.08.25 -
CAT-QuickHeal 10.00 2009.08.24 -
ClamAV 0.94.1 2009.08.24 Trojan.Clicker-3215
Comodo 2080 2009.08.25 -
DrWeb 5.0.0.12182 2009.08.25 -
eSafe 7.0.17.0 2009.08.24 -
eTrust-Vet 31.6.6698 2009.08.24 -
F-Prot 4.4.4.56 2009.08.24 -
F-Secure 8.0.14470.0 2009.08.24 -
Fortinet 3.120.0.0 2009.08.24 -
GData 19 2009.08.25 Win32:Trojan-gen {Other}
Ikarus T3.1.1.68.0 2009.08.24 Trojan-PWS.Win32.QQShou
Jiangmin 11.0.800 2009.08.23 -
K7AntiVirus 7.10.826 2009.08.24 -
Kaspersky 7.0.0.125 2009.08.24 -
McAfee 5719 2009.08.24 -
McAfee+Artemis 5719 2009.08.24 Artemis!AA96B1FE23FE
McAfee-GW-Edition 6.8.5 2009.08.24 Trojan.Click.Delf.cjk
Microsoft 1.4903 2009.08.24 -
NOD32 4364 2009.08.24 probably a variant of Win32/TrojanClicker.Delf
Norman 2009.08.24 -
nProtect 2009.1.8.0 2009.08.24 -
Panda 10.0.0.14 2009.08.24 -
PCTools 4.4.2.0 2009.08.24 -
Prevx 3.0 2009.08.25 -
Rising 21.43.62.00 2009.08.24 -
Sophos 4.44.0 2009.08.24 Mal/Behav-053
Sunbelt 3.2.1858.2 2009.08.24 -
Symantec 1.4.4.12 2009.08.25 -
TheHacker 6.3.4.3.386 2009.08.22 -
TrendMicro 8.950.0.1094 2009.08.24 -
VBA32 3.12.10.9 2009.08.24 suspected of Embedded.Trojan-Clicker.Win32.Delf.ayt
ViRobot 2009.8.24.1899 2009.08.24 -
VirusBuster 4.6.5.0 2009.08.24 -

Additional information
File size: 1477632 bytes
MD5...: c9e7ffcdfd8fa4729f00e4b0536fa20c
SHA1..: a6210e795e67f5961323567505e2a8a82962ab93
SHA256: 64c549fba0f71e50f704938f47a56cb7a157d35384ebd32acc 51cac057f8162c
ssdeep: 24576:yeGfgyNEgHBN+OpFCct1dmSeYRuYW5eNOtvsBxMl1yGs zdG:ylVvrpLP/R
WlVl1yp
PEiD..: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Borland Delphi 7 (46.0%)
Win32 Executable Borland Delphi 5 (31.0%)
Win32 Executable Borland Delphi 6 (18.0%)
Win32 EXE PECompact compressed (generic) (2.8%)
Win32 Executable Delphi generic (1.0%)

[senyak]

Файл 7.exe получен 2009.08.26 19:40:04 (UTC)
Текущий статус: закончено
Результат: 19/41 (46.35%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 Trojan.Win32.Buzus!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.26 Dropper.Generic.AVLF
BitDefender 7.2 2009.08.26 -
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.26 -
Comodo 2100 2009.08.26 -
DrWeb 5.0.0.12182 2009.08.26 Trojan.MulDrop.6457
eSafe 7.0.17.0 2009.08.26 -
eTrust-Vet 31.6.6702 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 -
F-Secure 8.0.14470.0 2009.08.26 Trojan.Win32.Buzus.bvxm
Fortinet 3.120.0.0 2009.08.26 PossibleThreat
GData 19 2009.08.26 Win32:Trojan-gen {Other}
Ikarus T3.1.1.68.0 2009.08.26 Trojan.Win32.Buzus
Jiangmin 11.0.800 2009.08.26 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 Trojan.Win32.Buzus.bvxm
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 Suspect-29!8FCA69CCE581
McAfee-GW-Edition 6.8.5 2009.08.26 Heuristic.LooksLike.Trojan.Dropper.H
Microsoft 1.4903 2009.08.26 -
NOD32 4371 2009.08.26 probably a variant of Win32/Injector.XU
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 Suspicious file
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 Medium Risk Malware
Rising 21.44.11.00 2009.08.25 -
Sophos 4.44.0 2009.08.26 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.26 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.08.26 Trojan Horse
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 -
VBA32 3.12.10.10 2009.08.26 -
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 Trojan.Buzus.AIGD

Дополнительная информация
File size: 52566 bytes
MD5...: 8fca69cce58103a86a2b7e2a7378b389
SHA1..: b5f646a551221aa3aa5cc16f4a0dba337a4d0bdf
SHA256: 355967a7bf77b77675b65e7555b92a3d1f66570c0a4b4b146a e7605df640e8a7
ssdeep: 768:nzK1epOHT9gseyDHKWVm1JkHbRmVMd+4P8dwkaNBPFEiLA Vj+HkEev/I6peh
Ctyz:nzoVmD0SMddVuisJRQCt4c2
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1088
timedatestamp.....: 0x4a907686 (Sat Aug 22 22:51:50 2009)
machinetype.......: 0x14c (I386)

http://www.virustotal.com/ru/analisi...8a7-1251315604




Файл all.exe получен 2009.08.26 19:42:22 (UTC)
Текущий статус: закончено
Результат: 9/41 (21.96%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 PWS.Win32!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.26 -
CAT-QuickHeal 10.00 2009.08.25 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.08.26 -
Comodo 2100 2009.08.26 -
DrWeb 5.0.0.12182 2009.08.26 -
eSafe 7.0.17.0 2009.08.26 Suspicious File
eTrust-Vet 31.6.6702 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 -
F-Secure 8.0.14470.0 2009.08.26 -
Fortinet 3.120.0.0 2009.08.26 -
GData 19 2009.08.26 -
Ikarus T3.1.1.68.0 2009.08.26 PWS.Win32
Jiangmin 11.0.800 2009.08.26 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 Trojan-Spy.Win32.Zbot.aaji
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 Artemis!2D25A86D5A53
McAfee-GW-Edition 6.8.5 2009.08.26 Heuristic.LooksLike.Trojan.Dropper.B
Microsoft 1.4903 2009.08.26 PWS:Win32/Zbot.PG
NOD32 4371 2009.08.26 -
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 Trj/CI.A
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.44.0 2009.08.26 -
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.26 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 -
VBA32 3.12.10.10 2009.08.26 -
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 -

Дополнительная информация
File size: 72192 bytes
MD5...: 2d25a86d5a536e708604394da279c0a7
SHA1..: a3f4aa0be22f8a16391b824a5c480f42a0f30607
SHA256: 04aab242f10876f8e9db8dcfc0202943bc1c1ec1c2faea613d 0414b08768d1e0
ssdeep: 1536:NbIyj9FbfT9v/61FKfe+9CKYtSkk7CFkzdTDTk/GO:Rjj9FDT92KfeyC7tS
kkGmYb
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...1e0-1251315742




Файл exactSitDummy.pdf получен 2009.08.26 19:44:08 (UTC)
Текущий статус: закончено
Результат: 10/40 (25%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 Exploit.Win32.Pidief!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 HTML/Malicious.PDF.Gen
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.26 Trojan.Agent.ANKZ
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.26 -
Comodo 2102 2009.08.26 Exploit.PDF.Pidief.~GGA
DrWeb 5.0.0.12182 2009.08.26 -
eSafe 7.0.17.0 2009.08.26 -
eTrust-Vet None 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 -
F-Secure 8.0.14470.0 2009.08.26 Exploit:W32/Pidief.GZ
Fortinet 3.120.0.0 2009.08.26 -
GData 19 2009.08.26 Trojan.Agent.ANKZ
Ikarus T3.1.1.68.0 2009.08.26 Exploit.Win32.Pidief
Jiangmin 11.0.800 2009.08.26 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 Exploit.Win32.Pidief.bll
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 -
McAfee-GW-Edition 6.8.5 2009.08.26 Script.Malicious.PDF.Gen
Microsoft 1.4903 2009.08.26 -
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 -
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.44.0 2009.08.26 Mal/PDFJs-L
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.26 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 -
VBA32 3.12.10.10 2009.08.26 -
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 -

Дополнительная информация
File size: 83493 bytes
MD5...: ee3bc6ce4af34ea523824607ca17cba7
SHA1..: fc2ed41d7512a73c8b6d59a3c80e186e5a08f3eb
SHA256: 45baf4ac46fa750235ab7595a76a16b71331a82a48e6f4c1de 156db244f91a36
ssdeep: 1536:L6CGwZb/dcU3oJcE5QO7BLMCHhmsOlYs7B1QXxDjfRutH5LAS/FGfg4vH1B
MXyzo:vGab/dclmE5QO7BL/HhBOT7B4xxutZLj
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...a36-1251315848




Файл gsb.exe получен 2009.08.26 19:45:08 (UTC)
Текущий статус: закончено
Результат: 6/41 (14.64%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 -
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.26 -
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.26 -
Comodo 2100 2009.08.26 -
DrWeb 5.0.0.12182 2009.08.26 -
eSafe 7.0.17.0 2009.08.26 Suspicious File
eTrust-Vet 31.6.6702 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 -
F-Secure 8.0.14470.0 2009.08.26 -
Fortinet 3.120.0.0 2009.08.26 -
GData 19 2009.08.26 -
Ikarus T3.1.1.68.0 2009.08.26 -
Jiangmin 11.0.800 2009.08.26 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 Trojan-Banker.Win32.Bancos.fzx
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 Artemis!5C09C73B1AF0
McAfee-GW-Edition 6.8.5 2009.08.26 Heuristic.LooksLike.Win32.SuspiciousPE.B
Microsoft 1.4903 2009.08.26 -
NOD32 4371 2009.08.26 -
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 Suspicious file
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 -
Rising 21.44.11.00 2009.08.25 Packer.Win32.LoveLHM.a [Suspicious]
Sophos 4.44.0 2009.08.26 -
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.26 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 -
VBA32 3.12.10.10 2009.08.26 -
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 -

Дополнительная информация
File size: 114688 bytes
MD5...: 5c09c73b1af0f606b1874e90c6eec656
SHA1..: 93a0adf4cc9fd3b283f580d2938db9e91d2d1ec9
SHA256: 013f5e4d231f7159ec179122e446ffe72050f26b0a1acc557c 02b894066a6821
ssdeep: 3072:lHzMU0sV0P3oJfFnPLVxLGnGEQk8nrwCVIrZ:lTMUlVo3 o9FxtGddUwCo
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...821-1251315908




Файл installer.1.exe получен 2009.08.26 19:49:49 (UTC)
Текущий статус: закончено
Результат: 16/41 (39.03%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 Trojan.Win32.FakePlus!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.26 Gen:Trojan.Heur.fqW@vv5ziDiix
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.26 -
Comodo 2100 2009.08.26 -
DrWeb 5.0.0.12182 2009.08.26 -
eSafe 7.0.17.0 2009.08.26 Suspicious File
eTrust-Vet 31.6.6702 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 -
F-Secure 8.0.14470.0 2009.08.26 -
Fortinet 3.120.0.0 2009.08.26 -
GData 19 2009.08.26 Gen:Trojan.Heur.fqW@vv5ziDiix
Ikarus T3.1.1.68.0 2009.08.26 Trojan.Win32.FakePlus
Jiangmin 11.0.800 2009.08.26 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 -
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 Artemis!1D8EED6EE846
McAfee-GW-Edition 6.8.5 2009.08.26 Heuristic.BehavesLike.Win32.PasswordStealer.H
Microsoft 1.4903 2009.08.26 Trojan:Win32/FakePlus
NOD32 4371 2009.08.26 a variant of Win32/TrojanDownloader.FakeAlert.AGT
Norman 2009.08.26 W32/FakeAV.P!genr
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 Trj/CI.A
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 High Risk Cloaked Malware
Rising 21.44.11.00 2009.08.25 Packer.Win32.UnkPacker.a [Suspicious]
Sophos 4.44.0 2009.08.26 Mal/FakeAv-BC
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.26 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 Cryp_FakeAV-13
VBA32 3.12.10.10 2009.08.26 suspected of Win32.Trojan.Downloader (http://...)
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 -

Дополнительная информация
File size: 94720 bytes
MD5...: 1d8eed6ee8462fd0caed73f988fdbb66
SHA1..: 9fb1efdba7f8085ad931a9f1787f0210606493f3
SHA256: 0463b01266d68388575e9da77a83089d25897b58478105486f 0cb7faa72f2e3c
ssdeep: 1536:gy3z6J1ZPVJJtRZkNJBrbhFjUZeT00DuzTIwPgJaEQqOX MkNN/cjscchq/e
:gy3z6xrLRZQJB34ZfbISgJfcMegAh+
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...e3c-1251316189




Файл uniblue_registry_booster_2009_new получен 2009.08.26 19:50:39 (UTC)
Текущий статус: закончено
Результат: 17/41 (41.47%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.26 Trojan-Downloader.Win32.Small!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 -
Antiy-AVL 2.0.3.7 2009.08.24 Trojan/Win32.Small.gen
Authentium 5.1.2.4 2009.08.26 -
Avast 4.8.1335.0 2009.08.26 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.26 -
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.26 -
Comodo 2100 2009.08.26 -
DrWeb 5.0.0.12182 2009.08.26 Trojan.DownLoad.40183
eSafe 7.0.17.0 2009.08.26 -
eTrust-Vet 31.6.6702 2009.08.26 -
F-Prot 4.5.1.85 2009.08.25 W32/Virut.AI!Generic
F-Secure 8.0.14470.0 2009.08.26 Trojan-Downloader.Win32.Small.kdj
Fortinet 3.120.0.0 2009.08.26 -
GData 19 2009.08.26 Win32:Trojan-gen {Other}
Ikarus T3.1.1.68.0 2009.08.26 Trojan-Downloader.Win32.Small
Jiangmin 11.0.800 2009.08.26 TrojanDownloader.Small.anjq
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.26 Trojan-Downloader.Win32.Small.amcd
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 Artemis!CAD6E4B2953B
McAfee-GW-Edition 6.8.5 2009.08.26 -
Microsoft 1.4903 2009.08.26 TrojanDownloader:Win32/Troxen!rts
NOD32 4371 2009.08.26 a variant of Win32/TrojanDownloader.Agent.PHH
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 Trj/CI.A
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.26 High Risk Cloaked Malware
Rising 21.44.11.00 2009.08.25 Trojan.Clicker.Win32.Undef.kz
Sophos 4.44.0 2009.08.26 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.26 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.26 -
VBA32 3.12.10.10 2009.08.26 -
ViRobot 2009.8.26.1903 2009.08.26 -
VirusBuster 4.6.5.0 2009.08.26 -

Дополнительная информация
File size: 253259 bytes
MD5...: cad6e4b2953b044dc53aabca17c5eab6
SHA1..: 6480f708fe1ee0990d563f59f88e300f305e56fa
SHA256: 6f5d5d51ddb434c14ce2fc12782e3e548077e9db091012dccd 1961cfabc1e546
ssdeep: 6144:fjODTivf263n4bCZAehIsGYlgBG8M7Lq8GsQOX3Tu/Be:fjODTivF9GzlVM
KeS4
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...546-1251316239

[valho]

File Alexa.9.0.0.28.exe received on 2009.08.27 06:54:51 (UTC)
Current status: finished
Result: 1/41 (2.44%)

a-squared 4.5.0.24 2009.08.27 -
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.26 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.27 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.26 -
BitDefender 7.2 2009.08.27 -
CAT-QuickHeal 10.00 2009.08.25 -
ClamAV 0.94.1 2009.08.27 -
Comodo 2102 2009.08.27 -
DrWeb 5.0.0.12182 2009.08.27 -
eSafe 7.0.17.0 2009.08.26 -
eTrust-Vet 31.6.6703 2009.08.26 -
F-Prot 4.5.1.85 2009.08.26 -
F-Secure 8.0.14470.0 2009.08.27 -
Fortinet 3.120.0.0 2009.08.27 Adware/AlexaBar
GData 19 2009.08.27 -
Ikarus T3.1.1.68.0 2009.08.27 -
Jiangmin 11.0.800 2009.08.27 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.27 -
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 -
McAfee-GW-Edition 6.8.5 2009.08.26 -
Microsoft 1.4903 2009.08.27 -
NOD32 4371 2009.08.26 -
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.26 -
Panda 10.0.2.2 2009.08.26 -
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.27 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.44.0 2009.08.27 -
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.27 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.27 -
VBA32 3.12.10.10 2009.08.27 -
ViRobot 2009.8.26.1904 2009.08.27 -
VirusBuster 4.6.5.0 2009.08.26 -

File size: 473424 bytes
MD5...: ef6913c139b938c864387b92d2fd965c
SHA1..: 3e5b784b9366ed4bdef54460d54b8772bd11e557
SHA256: 3803d3426d93cd6a9a05cbfc6370ddddaace86c0aa96fc5fd0 c665d294fb5ed4
ssdeep: 12288:HOqdOJPJ1RNnwFt2WThEDnwebsjc8Senqppjgl3N:HOq YLNCUk+Dnwe5E6
c
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3542
timedatestamp.....: 0x4980b534 (Wed Jan 28 19:42:44 2009)
machinetype.......: 0x14c (I386)
http://www.threatexpert.com/report.a...387b92d2fd965c

Добавлено через 4 часа 14 минут

Плагин для миранды. Cтранно, но локально авира ничего не находит
File VKontakte.dll received on 2009.08.27 10:38:37 (UTC)
Current status: finished
Result: 27/41 (65.86%)

a-squared 4.5.0.24 2009.08.27 Virus.Win32.Induc!IK
AhnLab-V3 5.0.0.2 2009.08.26 -
AntiVir 7.9.1.7 2009.08.27 W32/Induc.A
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.27 W32/Induc.A
Avast 4.8.1335.0 2009.08.26 Win32:Induc
AVG 8.5.0.406 2009.08.26 Win32/Induc
BitDefender 7.2 2009.08.27 Win32.Induc.A
CAT-QuickHeal 10.00 2009.08.27 W32.Induc.A
ClamAV 0.94.1 2009.08.27 Virus.Induc
Comodo 2102 2009.08.27 -
DrWeb 5.0.0.12182 2009.08.27 Win32.Induc
eSafe 7.0.17.0 2009.08.26 -
eTrust-Vet 31.6.6703 2009.08.26 Win32/Induc.A
F-Prot 4.5.1.85 2009.08.26 W32/Induc.A
F-Secure 8.0.14470.0 2009.08.27 Virus.Win32.Induc.a
Fortinet 3.120.0.0 2009.08.27 W32/Induc.A
GData 19 2009.08.27 Win32.Induc.A
Ikarus T3.1.1.68.0 2009.08.27 Virus.Win32.Induc
Jiangmin 11.0.800 2009.08.27 -
K7AntiVirus 7.10.828 2009.08.26 -
Kaspersky 7.0.0.125 2009.08.27 Virus.Win32.Induc.a
McAfee 5721 2009.08.26 W32/Induc
McAfee+Artemis 5721 2009.08.26 W32/Induc
McAfee-GW-Edition 6.8.5 2009.08.27 -
Microsoft 1.4903 2009.08.27 Virus:Win32/Induc.A
NOD32 4372 2009.08.27 -
Norman 2009.08.26 W32/Induc.A
nProtect 2009.1.8.0 2009.08.27 Virus/W32.Induc
Panda 10.0.2.2 2009.08.27 -
PCTools 4.4.2.0 2009.08.26 -
Prevx 3.0 2009.08.27 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.45.0 2009.08.27 W32/Induc-A
Sunbelt 3.2.1858.2 2009.08.26 Virus.Win32.Induc.a (v)
Symantec 1.4.4.12 2009.08.27 W32.Induc.A
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.27 PE_INDUC.A
VBA32 3.12.10.10 2009.08.27 Virus.Win32.Induc.c
ViRobot 2009.8.27.1905 2009.08.27 -
VirusBuster 4.6.5.0 2009.08.26 Win32.Induc

Additional information
File size: 321024 bytes
MD5...: 533ac1c1f63fe1460d11e785f809488f
SHA1..: e2535befac10b421c1cbf54f3e32e06f6f51aaf4
SHA256: f6c9b6a6877b2152b015ed21af945d20d2f213995ce8d1c4cc d84fd666de2ce8
ssdeep: 6144:cWOV9GP8GiikQNtubfhaYnIBEIN7I8sy+Wkvx+q+:UV9G P8GitQNtubfkwI
dp1Gvp+
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3e5c0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
pdfid.: -
trid..: Miranda IM plugin (59.0%)
Win32 Executable Generic (23.8%)
Win16/32 Executable Delphi generic (5.8%)
Generic Win/DOS Executable (5.6%)
DOS Executable Generic (5.6%)

Добавлено через 4 часа 40 минут

File surname.html received on 2009.08.27 15:38:31 (UTC)
Current status: finished
Result: 3/41 (7.32%)

a-squared 4.5.0.24 2009.08.27 -
AhnLab-V3 5.0.0.2 2009.08.27 -
AntiVir 7.9.1.7 2009.08.27 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.27 -
Avast 4.8.1335.0 2009.08.26 -
AVG 8.5.0.406 2009.08.27 -
BitDefender 7.2 2009.08.27 -
CAT-QuickHeal 10.00 2009.08.27 -
ClamAV 0.94.1 2009.08.27 -
Comodo 2114 2009.08.27 -
DrWeb 5.0.0.12182 2009.08.27 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6704 2009.08.27 HTML/Iframe.C!exploit
F-Prot 4.5.1.85 2009.08.26 -
F-Secure 8.0.14470.0 2009.08.27 -
Fortinet 3.120.0.0 2009.08.27 -
GData 19 2009.08.27 -
Ikarus T3.1.1.68.0 2009.08.27 -
Jiangmin 11.0.800 2009.08.27 -
K7AntiVirus 7.10.829 2009.08.27 -
Kaspersky 7.0.0.125 2009.08.27 -
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 -
McAfee-GW-Edition 6.8.5 2009.08.27 Heuristic.LooksLike.JS.Suspicious.A
Microsoft 1.4903 2009.08.27 -
NOD32 4373 2009.08.27 -
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.27 -
Panda 10.0.2.2 2009.08.27 -
PCTools 4.4.2.0 2009.08.27 -
Prevx 3.0 2009.08.27 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.45.0 2009.08.27 -
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.27 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.27 -
VBA32 3.12.10.10 2009.08.27 -
ViRobot 2009.8.27.1905 2009.08.27 -
VirusBuster 4.6.5.0 2009.08.27 -

Additional information
File size: 2781 bytes
MD5...: 86bf006591552e19818da9c9ef676759
SHA1..: a7940f128fa92eb1c68c82a638f858767ed27759
SHA256: 8385fda69dd213a11b27451fc8d21a0421220f5dd271cdd924 701ffaaa54bae9
ssdeep: 48:q003Cvew6MYcp3xyJylGZFBXItSnSlya6+m03WzhFkSYcm0 38oFkSYc3003Bx
bOP:q0ew6MYQ3xyJtXItSnSlya6BVqSYnoqn
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
trid..: Unknown!
pdfid.: -
packers (F-Prot): doc_write, unescape

File m.php received on 2009.08.27 15:43:38 (UTC)
Current status: finished
Result: 11/41 (26.83%)

a-squared 4.5.0.24 2009.08.27 -
AhnLab-V3 5.0.0.2 2009.08.27 -
AntiVir 7.9.1.7 2009.08.27 HTML/Malicious.ActiveX.Gen
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.27 -
Avast 4.8.1335.0 2009.08.26 VBS:Obfuscated-gen
AVG 8.5.0.406 2009.08.27 -
BitDefender 7.2 2009.08.27 Exploit.ADODB.Stream.HF
CAT-QuickHeal 10.00 2009.08.27 -
ClamAV 0.94.1 2009.08.27 -
Comodo 2114 2009.08.27 -
DrWeb 5.0.0.12182 2009.08.27 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6704 2009.08.27 -
F-Prot 4.5.1.85 2009.08.26 JS/Psyme.FB.gen
F-Secure 8.0.14470.0 2009.08.27 -
Fortinet 3.120.0.0 2009.08.27 -
GData 19 2009.08.27 VBS:Obfuscated-gen
Ikarus T3.1.1.68.0 2009.08.27 -
Jiangmin 11.0.800 2009.08.27 -
K7AntiVirus 7.10.829 2009.08.27 -
Kaspersky 7.0.0.125 2009.08.27 -
McAfee 5721 2009.08.26 -
McAfee+Artemis 5721 2009.08.26 -
McAfee-GW-Edition 6.8.5 2009.08.27 Heuristic.BehavesLike.HTML.Suspicious.A
Microsoft 1.4903 2009.08.27 TrojanDownloader:HTML/Adodb.gen!A
NOD32 4373 2009.08.27 JS/TrojanDownloader.Small.NAS
Norman 2009.08.26 -
nProtect 2009.1.8.0 2009.08.27 -
Panda 10.0.2.2 2009.08.27 -
PCTools 4.4.2.0 2009.08.27 HTML.Psyme.Gen
Prevx 3.0 2009.08.27 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.45.0 2009.08.27 Troj/Psyme-JB
Sunbelt 3.2.1858.2 2009.08.26 -
Symantec 1.4.4.12 2009.08.27 -
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.27 -
VBA32 3.12.10.10 2009.08.27 -
ViRobot 2009.8.27.1905 2009.08.27 -
VirusBuster 4.6.5.0 2009.08.27 HTML.Psyme.Gen

Additional information
File size: 795 bytes
MD5...: 1dfc59b7f0a0ef356dff1089322749d0
SHA1..: 9543b7bb05a21c66598f009db281f04beffcc91e
SHA256: 5c78f62f078fbe2fe0bc1275bdb89fbfef088c119a61bc189a d482665bf90843
ssdeep: 24:jEiZ8WupeQ3Zavj8lMeUdOmiW3wW3eMB854bSl7SMvIaYb: 4iZIeQ3Z2QEdOl
83pBc4eN2
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!


File off received on 2009.08.27 15:43:46 (UTC)
Current status: finished
Result: 25/41 (60.98%)

a-squared 4.5.0.24 2009.08.27 JS.Bofra.A.1!IK
AhnLab-V3 5.0.0.2 2009.08.27 -
AntiVir 7.9.1.7 2009.08.27 JS/Bofra.A.1
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.27 JS/OWCref.A
Avast 4.8.1335.0 2009.08.26 JS:CVE-2009-1136-E
AVG 8.5.0.406 2009.08.27 JS/Pakes
BitDefender 7.2 2009.08.27 Exploit.JS.CVE-2009-1136.A
CAT-QuickHeal 10.00 2009.08.27 -
ClamAV 0.94.1 2009.08.27 -
Comodo 2114 2009.08.27 -
DrWeb 5.0.0.12182 2009.08.27 -
eSafe 7.0.17.0 2009.08.27 JS.OfficeExp.a
eTrust-Vet 31.6.6704 2009.08.27 -
F-Prot 4.5.1.85 2009.08.26 JS/OWCref.A
F-Secure 8.0.14470.0 2009.08.27 Exploit.JS.Sheat.a
Fortinet 3.120.0.0 2009.08.27 JS/ShellCode.A!exploit
GData 19 2009.08.27 Exploit.JS.CVE-2009-1136.A
Ikarus T3.1.1.68.0 2009.08.27 JS.Bofra.A.1
Jiangmin 11.0.800 2009.08.27 -
K7AntiVirus 7.10.829 2009.08.27 -
Kaspersky 7.0.0.125 2009.08.27 Exploit.JS.Sheat.a
McAfee 5721 2009.08.26 JS/Exploit-BO.gen
McAfee+Artemis 5721 2009.08.26 JS/Exploit-BO.gen
McAfee-GW-Edition 6.8.5 2009.08.27 Heuristic.BehavesLike.HTML.Suspicious.A
Microsoft 1.4903 2009.08.27 Exploit:JS/CVE-2009-1136.A
NOD32 4373 2009.08.27 -
Norman 2009.08.26 HTML/Shellcode.H
nProtect 2009.1.8.0 2009.08.27 Trojan.Script.7583
Panda 10.0.2.2 2009.08.27 -
PCTools 4.4.2.0 2009.08.27 -
Prevx 3.0 2009.08.27 -
Rising 21.44.11.00 2009.08.25 Hack.Exploit.Script.JS.Bucode.m
Sophos 4.45.0 2009.08.27 Exp/OWCref-B
Sunbelt 3.2.1858.2 2009.08.26 Exploit-CVE2009-0075 (v)
Symantec 1.4.4.12 2009.08.27 Bloodhound.Exploit.263
TheHacker 6.3.4.3.388 2009.08.25 -
TrendMicro 8.950.0.1094 2009.08.27 Mal_JShel
VBA32 3.12.10.10 2009.08.27 -
ViRobot 2009.8.27.1905 2009.08.27 -
VirusBuster 4.6.5.0 2009.08.27 JS.BOFExploit.Gen

Additional information
File size: 1674 bytes
MD5...: a983cf2e82a10d26af5f24d6881c9ae0
SHA1..: 8c469abab31932d62e6675a08129f23d5a6ba9d1
SHA256: b8febdd17231e09412ee360e58382b954ec8e3d9ab0ccd71ef 67dad072ff423a
ssdeep: 48:5PT6EtqJEbffMNfAg3EafUV/bVVIweWEWhWSWEWvA+1Pf:5b6E84fSfANV/4w
ezuNr3+J
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: HyperText Markup Language (100.0%)

[senyak]

Файл vcard.exe получен 2009.08.30 15:51:20 (UTC)
Текущий статус: закончено
Результат: 9/41 (21.96%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.30 Trojan-Downloader.Delf.OAQ!IK
AhnLab-V3 5.0.0.2 2009.08.29 -
AntiVir 7.9.1.7 2009.08.30 DR/Delphi.Gen
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.30 -
Avast 4.8.1335.0 2009.08.29 -
AVG 8.5.0.406 2009.08.30 -
BitDefender 7.2 2009.08.30 -
CAT-QuickHeal 10.00 2009.08.29 -
ClamAV 0.94.1 2009.08.30 -
Comodo 2124 2009.08.30 -
DrWeb 5.0.0.12182 2009.08.30 -
eSafe 7.0.17.0 2009.08.30 -
eTrust-Vet 31.6.6707 2009.08.28 -
F-Prot 4.5.1.85 2009.08.29 -
F-Secure 8.0.14470.0 2009.08.29 Trojan-Dropper.Win32.Wlord.gen
Fortinet 3.120.0.0 2009.08.30 -
GData 19 2009.08.30 -
Ikarus T3.1.1.68.0 2009.08.30 Trojan-Downloader.Delf.OAQ
Jiangmin 11.0.800 2009.08.30 -
K7AntiVirus 7.10.831 2009.08.29 -
Kaspersky 7.0.0.125 2009.08.30 Trojan-Dropper.Win32.Wlord.gen
McAfee 5725 2009.08.30 -
McAfee+Artemis 5725 2009.08.30 Suspect-29!DB37DAFA1C40
McAfee-GW-Edition 6.8.5 2009.08.30 Heuristic.LooksLike.Trojan.Crypt.ZPACK.C
Microsoft 1.5005 2009.08.30 -
NOD32 4381 2009.08.30 a variant of Win32/TrojanDropper.Delf.NNN
Norman 2009.08.29 -
nProtect 2009.1.8.0 2009.08.30 -
Panda 10.0.2.2 2009.08.30 -
PCTools 4.4.2.0 2009.08.30 -
Prevx 3.0 2009.08.30 -
Rising 21.44.61.00 2009.08.30 -
Sophos 4.45.0 2009.08.30 -
Sunbelt 3.2.1858.2 2009.08.29 -
Symantec 1.4.4.12 2009.08.30 -
TheHacker 6.3.4.3.391 2009.08.29 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.30 Trojan.Win32.Small.102210
ViRobot 2009.8.28.1907 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.30 -

Дополнительная информация
File size: 211968 bytes
MD5...: db37dafa1c40ab66a8a639988172b3f5
SHA1..: b9ace1f2339389141ff657970f82bab445b44f96
SHA256: 2b0fa407d68336e665d52f47928db03f8e19eb45603448cbc4 82b39c84f7153d
ssdeep: 6144:3CeEOdiBDYcd/0EbOGcWqkOYbMfHUtRl1:ldiFCIbc6PKaRl
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...53d-1251647480

Добавлено через 8 часов 40 минут

Файл foto.jar получен 2009.08.31 00:29:06 (UTC)
Текущий статус: закончено
Результат: 18/41 (43.91%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 -
AhnLab-V3 5.0.0.2 2009.08.29 -
AntiVir 7.9.1.7 2009.08.30 JAVA/Boxer.1
Antiy-AVL 2.0.3.7 2009.08.24 Trojan/J2ME.Boxer
Authentium 5.1.2.4 2009.08.30 -
Avast 4.8.1335.0 2009.08.30 Other:Malware-gen
AVG 8.5.0.406 2009.08.30 Java/SMS.C
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.29 -
ClamAV 0.94.1 2009.08.30 -
Comodo 2124 2009.08.31 TrojWare.J2ME.SMS.Boxer.i
DrWeb 5.0.0.12182 2009.08.31 Java.SMSSend.41
eSafe 7.0.17.0 2009.08.30 -
eTrust-Vet 31.6.6707 2009.08.28 -
F-Prot 4.5.1.85 2009.08.29 -
F-Secure 8.0.14470.0 2009.08.31 Trojan-SMS.J2ME.Boxer.i
Fortinet 3.120.0.0 2009.08.30 -
GData 19 2009.08.31 Other:Malware-gen
Ikarus T3.1.1.68.0 2009.08.31 Trojan-SMS
Jiangmin 11.0.800 2009.08.30 -
K7AntiVirus 7.10.831 2009.08.29 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-SMS.J2ME.Boxer.i
McAfee 5725 2009.08.30 J2ME/Boxer
McAfee+Artemis 5725 2009.08.30 J2ME/Boxer
McAfee-GW-Edition 6.8.5 2009.08.31 Java.Boxer.1
Microsoft 1.5005 2009.08.30 Trojan:Java/Boxer.A
NOD32 4382 2009.08.30 J2ME/TrojanSMS.Swapi.F
Norman 2009.08.29 -
nProtect 2009.1.8.0 2009.08.30 -
Panda 10.0.2.2 2009.08.30 -
PCTools 4.4.2.0 2009.08.30 -
Prevx 3.0 2009.08.31 -
Rising 21.44.61.00 2009.08.30 -
Sophos 4.45.0 2009.08.31 Troj/Boxer-A
Sunbelt 3.2.1858.2 2009.08.29 -
Symantec 1.4.4.12 2009.08.31 Trojan Horse
TheHacker 6.3.4.3.391 2009.08.29 -
TrendMicro 8.950.0.1094 2009.08.30 TROJ_BOXER.B
VBA32 3.12.10.10 2009.08.30 -
ViRobot 2009.8.28.1907 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.30 -

Дополнительная информация
File size: 8289 bytes
MD5...: 65b5820fa761ae7597274a7427997331
SHA1..: 78c8e48f670bf6c9a0bc04a90a73dd492968030f
SHA256: 64ea349002e8507d78546b8c5a10541e119f9a1ecd78eea736 4afcef7ec8ab97
ssdeep: 192:3AJ08neaMUeV1/EaaflyW2bZAgxK2WRpmPM49Vr3RGyB6fvK55C313IO:3I0
8errDClyW2ugxiKPM4z4xvY5813IO
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set

http://www.virustotal.com/ru/analisi...b97-1251678546

[Torvic99]

Файл Jimm8.jar получен 2009.08.31 05:43:38 (UTC)
Текущий статус: закончено
Результат: 18/41 (43.91%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31-
AhnLab-V3 5.0.0.2 2009.08.29-
AntiVir 7.9.1.7 2009.08.30 JAVA/Boxer.1
Antiy-AVL 2.0.3.7 2009.08.24 Trojan/J2ME.Boxer
Authentium 5.1.2.4 2009.08.30-
Avast 4.8.1335.0 2009.08.30 Other:Malware-gen
AVG 8.5.0.406 2009.08.30 Java/SMS.C
BitDefender 7.2 2009.08.31-
CAT-QuickHeal 10.00 2009.08.31-
ClamAV 0.94.1 2009.08.31-
Comodo 2124 2009.08.31 TrojWare.J2ME.SMS.Boxer.i
DrWeb 5.0.0.12182 2009.08.31 Java.SMSSend.41
eSafe 7.0.17.0 2009.08.30-
eTrust-Vet 31.6.6707 2009.08.28-
F-Prot 4.5.1.85 2009.08.29-
F-Secure 8.0.14470.0 2009.08.31 Trojan-SMS.J2ME.Boxer.i
Fortinet 3.120.0.0 2009.08.31-
GData 19 2009.08.31 Other:Malware-gen
Ikarus T3.1.1.68.0 2009.08.31 Trojan-SMS
Jiangmin 11.0.800 2009.08.30-
K7AntiVirus 7.10.831 2009.08.29-
Kaspersky 7.0.0.125 2009.08.31 Trojan-SMS.J2ME.Boxer.i
McAfee 5725 2009.08.30 J2ME/Boxer
McAfee+Artemis 5725 2009.08.30 J2ME/Boxer
McAfee-GW-Edition 6.8.5 2009.08.31 Java.Boxer.1
Microsoft 1.5005 2009.08.30 Trojan:Java/Boxer.A
NOD32 4382 2009.08.30 J2ME/TrojanSMS.Swapi.F
Norman 2009.08.29-
nProtect 2009.1.8.0 2009.08.30-
Panda 10.0.2.2 2009.08.30-
PCTools 4.4.2.0 2009.08.30-
Prevx 3.0 2009.08.31-
Rising 21.45.00.00 2009.08.31-
Sophos 4.45.0 2009.08.31 Troj/Boxer-A
Sunbelt 3.2.1858.2 2009.08.31-
Symantec 1.4.4.12 2009.08.31 Trojan Horse
TheHacker 6.3.4.3.392 2009.08.31-
TrendMicro 8.950.0.1094 2009.08.30 TROJ_BOXER.B
VBA32 3.12.10.10 2009.08.30-
ViRobot 2009.8.28.1907 2009.08.28-
VirusBuster 4.6.5.0 2009.08.30-

Дополнительная информация
File size: 52997 bytes
MD5...: 3f524502557cb12c473f7e4ba3b3bdca
SHA1..: 5ea93e984f5bca1eaedb103570e619c51c0708bf
SHA256: e5314e1bcda73efef7ddec44754c89fdb5f2c39c16ae3e963c 53b6ae4e55764b
ssdeep: 1536hSvZKjCSuJPbpRxEDj+sNuWOiS02Gp6oJX:EgjixxEDxtOx02Q j9
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-pdfid.: -
trid..: Java Archive (78.3%)
ZIP compressed archive (21.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)packers (F-Prot): doc_write

[senyak]

Пришло по Скайпу

Файл 12.scr получен 2009.08.31 20:47:17 (UTC)
Текущий статус: закончено
Результат: 13/41 (31.71%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 -
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 TR/Refroso.how
Antiy-AVL 2.0.3.7 2009.08.31 Trojan/Win32.Refroso.gen
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 Win32:Crypt-EXO
AVG 8.5.0.406 2009.08.31 BackDoor.Generic11.ALJF
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Bifrost.8
eSafe 7.0.17.0 2009.08.31 -
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 -
GData 19 2009.08.31 Win32:Crypt-EXO
Ikarus T3.1.1.68.0 2009.08.31 -
Jiangmin 11.0.800 2009.08.31 -
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 -
McAfee 5726 2009.08.31 BackDoor-EEF
McAfee+Artemis 5726 2009.08.31 BackDoor-EEF
McAfee-GW-Edition 6.8.5 2009.08.31 Trojan.Refroso.how
Microsoft 1.5005 2009.08.31 -
NOD32 4385 2009.08.31 -
Norman 2009.08.31 W32/Malware.IDDG
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 High Risk System Back Door
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 -
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 Trojan.Win32.Agent.380928.F
VirusBuster 4.6.5.0 2009.08.31 Trojan.Ceeinject.Gen

Дополнительная информация
File size: 87583 bytes
MD5...: e810623136b5a5f514ca72f87a8b1aa7
SHA1..: a5b97f9ca915e71b2526c7d82fcb41e6d3a45980
SHA256: a2b906f2d8dc347571c0ff95ed14844fada2d4b1229fc0bb71 819be244c528c3
ssdeep: 1536:fnpbxGuLbc9UZyXiGHD3hYQwbtY9WpSgoFei6cvwGvgDF 1HbBcrX:lxG4bc
9nBDGQmy4pIFhvmbB4X
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...8c3-1251751637

Добавлено через 30 минут

Файл .exe получен 2009.08.31 21:05:10 (UTC)
Текущий статус: закончено
Результат: 15/41 (36.59%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.Win32.Alureon!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 Downloader.Zlob.AOJD
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Tdss.119
eSafe 7.0.17.0 2009.08.31 Win32.Backdoor.Tidse
eTrust-Vet 31.6.6713 2009.08.31 Win32/Alureon.AGE
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 W32/FakeAlert.CD!tr
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.Alureon
Jiangmin 11.0.800 2009.08.31 -
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-Spy.Win32.Agent.azqc
McAfee 5726 2009.08.31 Generic FakeAlert!cd
McAfee+Artemis 5726 2009.08.31 Generic FakeAlert!cd
McAfee-GW-Edition 6.8.5 2009.08.31 -
Microsoft 1.5005 2009.08.31 Trojan:Win32/Alureon.gen!J
NOD32 4385 2009.08.31 a variant of Win32/Kryptik.AHC
Norman 2009.08.31 W32/Zlob.EMEO
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 -
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 Backdoor.Tidserv
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 58368 bytes
MD5...: 256dda5eedf1f4738919b81b433fd052
SHA1..: 6cd7f553f1a5cfc33075c27ee9cbfab3d079e21f
SHA256: 46ba473a5edddbfed3b1422e4cbcbcba42d94cc4c88bb83f0c 9398d58f704195
ssdeep: 1536:rH83u/9Vosa+z0IOrmUzbGL6RHP5orgTWLj:rHPVZaRrTIQv5orga
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...195-1251752710




Файл FlashInstallNew.exe получен 2009.08.31 21:05:32 (UTC)
Текущий статус: закончено
Результат: 20/41 (48.79%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.CryptRedol!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 NSIS:Fasec-AR
AVG 8.5.0.406 2009.08.31 Downloader.Zlob.AOJD.dropper
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Tdss.119
eSafe 7.0.17.0 2009.08.31 Win32.Backdoor.Tidse
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 PossibleThreat
GData 19 2009.08.31 NSIS:Fasec-AR
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.Alureon
Jiangmin 11.0.800 2009.08.31 TrojanDropper.Agent.abvu
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-Spy.Win32.Agent.azqc
McAfee 5726 2009.08.31 DNSChanger!bl
McAfee+Artemis 5726 2009.08.31 DNSChanger!bl
McAfee-GW-Edition 6.8.5 2009.08.31 Heuristic.BehavesLike.Win32.Trojan.H
Microsoft 1.5005 2009.08.31 Trojan:Win32/Alureon.gen!J
NOD32 4385 2009.08.31 a variant of Win32/Kryptik.AHC
Norman 2009.08.31 -
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 Medium Risk Malware
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 Backdoor.Tidserv
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 112552 bytes
MD5...: ea943f76584da8cd6c6466aaa05f2a96
SHA1..: 3403508368688de1bc0f91d6a7859485d73ce657
SHA256: 335c8b7d1f9b13720f7be0036596e645e09f009d4ae48073b1 c8449b58717492
ssdeep: 3072:SuG5qit9D0w6RLFqlZjQYk4Y+t1FdskzBQlT9:s5qiXYw KEldRkb2yk1ah
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...492-1251752732




Файл FlashPlayer.exe получен 2009.08.31 21:12:05 (UTC)
Текущий статус: закончено
Результат: 14/41 (34.15%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.CryptRedol!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 Downloader.Zlob.AOJD.dropper
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2125 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Tdss.119
eSafe 7.0.17.0 2009.08.31 -
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 -
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.CryptRedol
Jiangmin 11.0.800 2009.08.31 TrojanDropper.Agent.abvu
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-Spy.Win32.Agent.azqc
McAfee 5726 2009.08.31 -
McAfee+Artemis 5726 2009.08.31 Artemis!8338D0122DF6
McAfee-GW-Edition 6.8.5 2009.08.31 Heuristic.BehavesLike.Win32.Trojan.H
Microsoft 1.5005 2009.08.31 Trojan:Win32/Alureon.gen!J
NOD32 4385 2009.08.31 a variant of Win32/Kryptik.AHC
Norman 2009.08.31 W32/Zlob.EMEO.dropper
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 -
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.08.31 Trojan.NSIS.DnsChanger (v)
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 112583 bytes
MD5...: 8338d0122df678104d255eed398cd60b
SHA1..: f8be022019ee4a41d7c0620964d25ba244a6de8c
SHA256: 06a7c17813c8eb26b173bf09f03ebf48bcc2f4e53ea1eb46af d685ad3125ca6a
ssdeep: 1536:SdvTMGa+Zq4z/Fz08zDnr38aRZ+dUmw6RLFq6tf7oAv3vWeKj5xvVDZkHwl
j4jQk:SuG5qit9D0w6RLFqQMMVuXj2jQXNG
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...a6a-1251753125




Файл Muvexer.exe получен 2009.08.31 2157 (UTC)
Текущий статус: закончено
Результат: 13/41 (31.71%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.Win32.Alureon!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 Downloader.Zlob.AOJD
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Tdss.119
eSafe 7.0.17.0 2009.08.31 -
eTrust-Vet 31.6.6713 2009.08.31 Win32/Alureon.AGE
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 -
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.Alureon
Jiangmin 11.0.800 2009.08.31 -
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-Spy.Win32.Agent.azqc
McAfee 5726 2009.08.31 -
McAfee+Artemis 5726 2009.08.31 Artemis!ABEDECE8AC76
McAfee-GW-Edition 6.8.5 2009.08.31 -
Microsoft 1.5005 2009.08.31 Trojan:Win32/Alureon.gen!J
NOD32 4385 2009.08.31 a variant of Win32/Kryptik.AHC
Norman 2009.08.31 W32/Zlob.EMEO
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 -
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 Backdoor.Tidserv
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 TROJ_ALUREON.HT
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 58368 bytes
MD5...: abedece8ac7625841d9f07efce136080
SHA1..: 9fe219023f4727c7dd8928c8f894574c304b21e1
SHA256: 3bdd6365566200abf9e8b0831c40c035be392ad5c95c00c3fd 1d2f51f47e9012
ssdeep: 1536:5u83u/9Vosa+z0IOrmUzbGL6RHP5orgTWLj:5uPVZaRrTIQv5orga
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...012-1251753657





Файл setup.exe получен 2009.08.31 21:21:10 (UTC)
Текущий статус: закончено
Результат: 6/41 (14.64%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.Win32.FakeSmoke!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 -
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 -
eSafe 7.0.17.0 2009.08.31 Suspicious File
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 -
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.FakeSmoke
Jiangmin 11.0.800 2009.08.31 -
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 -
McAfee 5726 2009.08.31 -
McAfee+Artemis 5726 2009.08.31 Artemis!304060FED9A8
McAfee-GW-Edition 6.8.5 2009.08.31 -
Microsoft 1.5005 2009.08.31 Trojan:Win32/FakeSmoke
NOD32 4385 2009.08.31 -
Norman 2009.08.31 W32/WinFixer.gen.26267483
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 -
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 -
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 48423 bytes
MD5...: 304060fed9a8ba6b0128a999d7c53d58
SHA1..: a6016940a91e177ddd6c9c9e3d82546c5a8fa55f
SHA256: 12324e82e76d51af8185468332f89f76ae216b3da72a1ad42f 3a9c8437388012
ssdeep: 768:oxA4Wh/2IzpNX1UivMf6FBtCX9uTFg4Ro3MZeUZo/XQziYFAC/ljdDW3T:yA
ffdZfMX9Um4Ro9b/Xki0AQZpqT
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...012-1251753670





Файл setup2.exe получен 2009.08.31 21:29:08 (UTC)
Текущий статус: закончено
Результат: 7/41 (17.08%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.Win32.FakeSmoke!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
AntiVir 7.9.1.7 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 -
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 -
eSafe 7.0.17.0 2009.08.31 Suspicious File
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
F-Secure 8.0.14470.0 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 -
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.FakeSmoke
Jiangmin 11.0.800 2009.08.31 -
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 -
McAfee 5726 2009.08.31 -
McAfee+Artemis 5726 2009.08.31 Artemis!E7C199F3A60B
McAfee-GW-Edition 6.8.5 2009.08.31 -
Microsoft 1.5005 2009.08.31 Trojan:Win32/FakeSmoke
NOD32 4385 2009.08.31 -
Norman 2009.08.31 W32/WinFixer.gen.26267483
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 Medium Risk Malware
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 -
Sunbelt 3.2.1858.2 2009.08.31 -
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 48418 bytes
MD5...: e7c199f3a60b8b62092e9e8244e41d12
SHA1..: fd866b6043798a0d804de89558607ec38d68bf85
SHA256: dfbb32733acfa262bee4a6f4586174f7cf40bb23abac2e729c 2b9711b0c46d08
ssdeep: 768:oxA4Wh/2IzpNX1UivMf6FBtCX9uTFg4Ro3MZeUZo/X5RSpdt/ZGbHSG2tIXV
/p+:yAffdZfMX9Um4Ro9b/X5RSpd/GLlXx+
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...d08-1251754148




Файл TestCodec.exe получен 2009.08.31 21:30:32 (UTC)
Текущий статус: закончено
Результат: 12/37 (32.44%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.31 Trojan.CryptRedol!IK
AhnLab-V3 5.0.0.2 2009.08.31 -
Antiy-AVL 2.0.3.7 2009.08.31 -
Authentium 5.1.2.4 2009.08.31 -
Avast 4.8.1335.0 2009.08.31 -
AVG 8.5.0.406 2009.08.31 -
BitDefender 7.2 2009.08.31 -
CAT-QuickHeal 10.00 2009.08.31 -
ClamAV 0.94.1 2009.08.31 -
Comodo 2124 2009.08.31 -
DrWeb 5.0.0.12182 2009.08.31 BackDoor.Tdss.119
eSafe 7.0.17.0 2009.08.31 -
eTrust-Vet 31.6.6713 2009.08.31 -
F-Prot 4.5.1.85 2009.08.31 -
Fortinet 3.120.0.0 2009.08.31 W32/FakeAlert.CD!tr
GData 19 2009.08.31 -
Ikarus T3.1.1.68.0 2009.08.31 Trojan.Win32.Alureon
K7AntiVirus 7.10.832 2009.08.31 -
Kaspersky 7.0.0.125 2009.08.31 Trojan-Spy.Win32.Agent.azqc
McAfee 5726 2009.08.31 Generic FakeAlert!cd
McAfee+Artemis 5726 2009.08.31 Generic FakeAlert!cd
McAfee-GW-Edition 6.8.5 2009.08.31 Heuristic.BehavesLike.Win32.Trojan.H
Microsoft 1.5005 2009.08.31 Trojan:Win32/Alureon.gen!J
NOD32 4385 2009.08.31 -
nProtect 2009.1.8.0 2009.08.31 -
Panda 10.0.2.2 2009.08.31 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.08.31 -
Rising 21.45.04.00 2009.08.31 -
Sophos 4.45.0 2009.08.31 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.08.31 Trojan.NSIS.DnsChanger (v)
Symantec 1.4.4.12 2009.08.31 -
TheHacker 6.3.4.3.393 2009.08.31 -
TrendMicro 8.950.0.1094 2009.08.30 TROJ_ALUREON.HT
VBA32 3.12.10.10 2009.08.31 -
ViRobot 2009.8.31.1909 2009.08.31 -
VirusBuster 4.6.5.0 2009.08.31 -

Дополнительная информация
File size: 112580 bytes
MD5...: d40e4119af2c0f5d8e1feb45d816877d
SHA1..: d8de16598c872562943ed2a788da190ad80abb61
SHA256: 638b7c2747b0036548db062624f5ba7c12c99f4185818999cb daf7353da749b8
ssdeep: 1536:SdvTMGa+Zq4z/Fz08zDnr38aRZ+dUmw6RLFqz7oAv3vWeKj5xvVDZkHwlj4
jQNpH:SuG5qit9D0w6RLFqzMMVuXj2jQXNt
PEiD..: -
PEInfo: PE Structure information

http://www.virustotal.com/ru/analisi...9b8-1251754232

[Surfer]

a-squared 4.5.0.24 2009.09.02 -
AhnLab-V3 5.0.0.2 2009.09.01 -
AntiVir 7.9.1.7 2009.09.01 HTML/Malicious.PDF.Gen
Antiy-AVL 2.0.3.7 2009.09.01 -
Authentium 5.1.2.4 2009.09.02 -
Avast 4.8.1335.0 2009.09.01 JSdfka-NV
AVG 8.5.0.406 2009.09.02 -
BitDefender 7.2 2009.09.02 Exploit.PDF-JS.Gen
CAT-QuickHeal 10.00 2009.09.02 -
ClamAV 0.94.1 2009.09.01 -
Comodo 2174 2009.09.02 -
DrWeb 5.0.0.12182 2009.09.02 -
eSafe 7.0.17.0 2009.09.01 -
eTrust-Vet 31.6.6715 2009.09.01 -
F-Prot 4.5.1.85 2009.09.01 -
F-Secure 8.0.14470.0 2009.09.02 -
Fortinet 3.120.0.0 2009.09.02 -
GData 19 2009.09.02 Exploit.PDF-JS.Gen
Ikarus T3.1.1.68.0 2009.09.02 -
Jiangmin 11.0.800 2009.09.01 -
K7AntiVirus 7.10.833 2009.09.01 -
Kaspersky 7.0.0.125 2009.09.02 -
McAfee 5727 2009.09.01 -
McAfee+Artemis 5727 2009.09.01 -
McAfee-GW-Edition 6.8.5 2009.09.02 Script.Malicious.PDF.Gen
Microsoft 1.5005 2009.09.02 Exploit:Win32/Pidief.P
NOD32 4387 2009.09.01 -
Norman 2009.09.01 -
nProtect 2009.1.8.0 2009.09.01 -
Panda 10.0.2.2 2009.09.01 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.09.02 -
Rising 21.45.14.00 2009.09.01 -
Sophos 4.45.0 2009.09.02 Mal/PdfEx-C
Sunbelt 3.2.1858.2 2009.09.01 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.09.02 -
TheHacker 6.3.4.3.395 2009.09.02 -
TrendMicro 8.950.0.1094 2009.09.02 -
VBA32 3.12.10.10 2009.09.01 -
ViRobot 2009.9.2.1912 2009.09.02 -
VirusBuster 4.6.5.0 2009.09.01 -

http://www.virustotal.com/analisis/1...16f-1251869858

Добавлено через 4 минуты

a-squared 4.5.0.24 2009.09.02 -
AhnLab-V3 5.0.0.2 2009.09.01 -
AntiVir 7.9.1.7 2009.09.01 -
Antiy-AVL 2.0.3.7 2009.09.01 -
Authentium 5.1.2.4 2009.09.02 -
Avast 4.8.1335.0 2009.09.01 -
AVG 8.5.0.406 2009.09.02 -
BitDefender 7.2 2009.09.02 -
CAT-QuickHeal 10.00 2009.09.02 -
ClamAV 0.94.1 2009.09.01 -
Comodo 2173 2009.09.02 -
DrWeb 5.0.0.12182 2009.09.02 -
eSafe 7.0.17.0 2009.09.01 -
eTrust-Vet 31.6.6715 2009.09.01 -
F-Prot 4.5.1.85 2009.09.01 -
F-Secure 8.0.14470.0 2009.09.02 Trojan-SMS.J2ME.Jifake.a
Fortinet 3.120.0.0 2009.09.02 -
GData 19 2009.09.02 -
Ikarus T3.1.1.68.0 2009.09.02 -
Jiangmin 11.0.800 2009.09.02 -
K7AntiVirus 7.10.833 2009.09.01 -
Kaspersky 7.0.0.125 2009.09.02 Trojan-SMS.J2ME.Jifake.a
McAfee 5727 2009.09.01 -
McAfee+Artemis 5727 2009.09.01 -
McAfee-GW-Edition 6.8.5 2009.09.02 -
Microsoft 1.5005 2009.09.02 -
NOD32 4387 2009.09.01 -
Norman 2009.09.01 -
nProtect 2009.1.8.0 2009.09.01 -
Panda 10.0.2.2 2009.09.01 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.09.02 -
Rising 21.45.14.00 2009.09.01 -
Sophos 4.45.0 2009.09.02 -
Sunbelt 3.2.1858.2 2009.09.01 -
Symantec 1.4.4.12 2009.09.02 -
TheHacker 6.3.4.3.395 2009.09.02 -
TrendMicro 8.950.0.1094 2009.09.02 -
VBA32 3.12.10.10 2009.09.01 -
ViRobot 2009.9.2.1912 2009.09.02 -
VirusBuster 4.6.5.0 2009.09.01 -

http://www.virustotal.com/analisis/c...4ff-1251870309

[valho]

File 9_Bathtub-spEEd.exe received on 2009.09.02 06:03:11 (UTC)
Current status: finished
Result: 19/40 (47.5%)

AhnLab-V3 5.0.0.2 2009.09.01 -
AntiVir 7.9.1.7 2009.09.01 -
Antiy-AVL 2.0.3.7 2009.09.01 -
Authentium 5.1.2.4 2009.09.02 W32/Heuristic-KPP!Eldorado
Avast 4.8.1335.0 2009.09.01 Win32:Agent-AFKW
AVG 8.5.0.406 2009.09.02 -
BitDefender 7.2 2009.09.02 Trojan.Generic.925973
CAT-QuickHeal 10.00 2009.09.02 -
ClamAV 0.94.1 2009.09.01 Trojan.Armin
Comodo 2178 2009.09.02 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.09.02 -
eSafe 7.0.17.0 2009.09.01 Win32.MiscGuilt
eTrust-Vet 31.6.6715 2009.09.01 -
F-Prot 4.5.1.85 2009.09.01 W32/Heuristic-KPP!Eldorado
F-Secure 8.0.14470.0 2009.09.02 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.09.02 Misc/Guilt
GData 19 2009.09.02 Trojan.Generic.925973
Ikarus T3.1.1.68.0 2009.09.02 Trojan.Armin
Jiangmin 11.0.800 2009.09.02 Trojan/Genome.qo
K7AntiVirus 7.10.833 2009.09.01 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.02 -
McAfee 5727 2009.09.01 Generic.dx
McAfee+Artemis 5727 2009.09.01 Generic.dx
McAfee-GW-Edition 6.8.5 2009.09.02 -
Microsoft 1.5005 2009.09.02 -
NOD32 4387 2009.09.01 probably a variant of Win32/Agent
Norman 2009.09.01 -
nProtect 2009.1.8.0 2009.09.01 -
Panda 10.0.2.2 2009.09.01 Generic Trojan
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.09.02 -
Rising 21.45.14.00 2009.09.01 -
Sophos 4.45.0 2009.09.02 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.01 -
Symantec 1.4.4.12 2009.09.02 Adware.BetterInternet
TheHacker 6.3.4.3.395 2009.09.02 -
TrendMicro 8.950.0.1094 2009.09.02 -
VBA32 3.12.10.10 2009.09.01 -
ViRobot 2009.9.2.1912 2009.09.02 -
VirusBuster 4.6.5.0 2009.09.01 -

Additional information
File size: 225769 bytes
MD5...: f48b609d82feac766d25312ad181ef66
SHA1..: 8f41b71a0ed4fe77c96b1af40426440c3b881c50
SHA256: 8e224a4eb37006839db4b0e7430281ae432f909fc144e0a724 502a040bc57455
ssdeep: 6144:ohe1YdOivqyVMmNQUxp8epIhlek3VaRPyQsF2LulJqsM: D1wOiyEQUxKCEV
FIBy2LK8sM
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x20850
timedatestamp.....: 0x3ec35042 (Thu May 15 08:30:58 2003)
machinetype.......: 0x14c (I386)

[OSSP2008]

Файл administrator_doubleclick_1_.txt получен 2009.09.07 13:02:45 (UTC)
Текущий статус: закончено
Результат: 1/41 (2.44%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.07 -
AhnLab-V3 5.0.0.2 2009.09.05 -
AntiVir 7.9.1.8 2009.09.07 -
Antiy-AVL 2.0.3.7 2009.09.07 -
Authentium 5.1.2.4 2009.09.07 -
Avast 4.8.1351.0 2009.09.07 -
AVG 8.5.0.409 2009.09.07 -
BitDefender 7.2 2009.09.07 -
CAT-QuickHeal 10.00 2009.09.07 -
ClamAV 0.94.1 2009.09.07 -
Comodo 2210 2009.09.07 -
DrWeb 5.0.0.12182 2009.09.07 -
eSafe 7.0.17.0 2009.09.06 -
eTrust-Vet 31.6.6724 2009.09.07 -
F-Prot 4.5.1.85 2009.09.07 -
F-Secure 8.0.14470.0 2009.09.07 -
Fortinet 3.120.0.0 2009.09.07 -
GData 19 2009.09.07 -
Ikarus T3.1.1.72.0 2009.09.07 -
Jiangmin 11.0.800 2009.09.07 -
K7AntiVirus 7.10.837 2009.09.05 -
Kaspersky 7.0.0.125 2009.09.07 -
McAfee 5733 2009.09.06 -
McAfee+Artemis 5733 2009.09.06 -
McAfee-GW-Edition 6.8.5 2009.09.07 -
Microsoft 1.5005 2009.09.07 -
NOD32 4402 2009.09.07 -
Norman 6.01.09 2009.09.04 -
nProtect 2009.1.8.0 2009.09.07 -
Panda 10.0.2.2 2009.09.07 Cookie/Doubleclick
PCTools 4.4.2.0 2009.09.07 -
Prevx 3.0 2009.09.07 -
Rising 21.46.04.00 2009.09.07 -
Sophos 4.45.0 2009.09.07 -
Sunbelt 3.2.1858.2 2009.09.06 -
Symantec 1.4.4.12 2009.09.07 -
TheHacker 6.3.4.3.396 2009.09.04 -
TrendMicro 8.950.0.1094 2009.09.07 -
VBA32 3.12.10.10 2009.09.06 -
ViRobot 2009.9.7.1921 2009.09.07 -
VirusBuster 4.6.5.0 2009.09.06 -

Дополнительная информация
File size: 123 bytes
MD5...: aad0ef1c092503609f8a0c6181a2969f
SHA1..: a6d27b3887fe74c6e62bd3da2e00906fe04eccaf
SHA256: f4acbeaa7944e9daf221fb74bfb5881408fc09b1f1095c9f8b 10b97dd1a3719d
ssdeep: 3:AYREQN+ZR5qBR/quyfZaGJMBDXv7YfdL6M/WVFvmXSvvn:A8EHv51ucNYeHefv
mXSvv
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!

Добавлено через 3 минуты

Файл alsrvn.exe получен 2009.09.07 13:06:45 (UTC)
Текущий статус: закончено
Результат: 25/41 (60.98%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.07 Trojan-PWS.Win32.Lmir.mw!IK
AhnLab-V3 5.0.0.2 2009.09.05 Win-Trojan/Xema.variant
AntiVir 7.9.1.8 2009.09.07 BDS/Delf.SG.4
Antiy-AVL 2.0.3.7 2009.09.07 -
Authentium 5.1.2.4 2009.09.07 -
Avast 4.8.1351.0 2009.09.07 Win32:Trojan-gen {Other}
AVG 8.5.0.409 2009.09.07 BackDoor.Generic11.ABPG
BitDefender 7.2 2009.09.07 Trojan.Generic.IS.573392
CAT-QuickHeal 10.00 2009.09.07 Backdoor.Delf.sg
ClamAV 0.94.1 2009.09.07 -
Comodo 2210 2009.09.07 Heur.Packed.Unknown
DrWeb 5.0.0.12182 2009.09.07 -
eSafe 7.0.17.0 2009.09.06 Win32.BackdoorDelf.S
eTrust-Vet 31.6.6724 2009.09.07 Win32/VMalum.FTQI
F-Prot 4.5.1.85 2009.09.07 -
F-Secure 8.0.14470.0 2009.09.07 -
Fortinet 3.120.0.0 2009.09.07 -
GData 19 2009.09.07 Trojan.Generic.IS.573392
Ikarus T3.1.1.72.0 2009.09.07 Trojan-PWS.Win32.Lmir.mw
Jiangmin 11.0.800 2009.09.07 TrojanDropper.Delf.drs
K7AntiVirus 7.10.837 2009.09.05 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.07 -
McAfee 5733 2009.09.06 Generic BackDoor!dv
McAfee+Artemis 5733 2009.09.06 Generic BackDoor!dv
McAfee-GW-Edition 6.8.5 2009.09.07 Heuristic.LooksLike.Win32.Delf.A
Microsoft 1.5005 2009.09.07 Backdoor:Win32/Delf.SG
NOD32 4402 2009.09.07 -
Norman 6.01.09 2009.09.07 -
nProtect 2009.1.8.0 2009.09.07 Trojan/W32.Agent.53248.PI
Panda 10.0.2.2 2009.09.07 Trj/CI.A
PCTools 4.4.2.0 2009.09.07 -
Prevx 3.0 2009.09.07 Medium Risk Malware
Rising 21.46.04.00 2009.09.07 -
Sophos 4.45.0 2009.09.07 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.06 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.09.07 -
TheHacker 6.3.4.3.396 2009.09.04 -
TrendMicro 8.950.0.1094 2009.09.07 TROJ_Gen.8V200
VBA32 3.12.10.10 2009.09.06 -
ViRobot 2009.9.7.1921 2009.09.07 -
VirusBuster 4.6.5.0 2009.09.06 Backdoor.Delf.DKRW

[valho]

File blank.gif received on 2009.09.08 13:12:39 (UTC)
Current status: finished
Result: 9/41 (21.96%)

a-squared 4.5.0.24 2009.09.08 -
AhnLab-V3 5.0.0.2 2009.09.08 -
AntiVir 7.9.1.12 2009.09.08 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2009.09.08 -
Authentium 5.1.2.4 2009.09.08 -
Avast 4.8.1351.0 2009.09.07 -
AVG 8.5.0.409 2009.09.08 -
BitDefender 7.2 2009.09.08 -
CAT-QuickHeal 10.00 2009.09.08 -
ClamAV 0.94.1 2009.09.08 -
Comodo 2204 2009.09.08 -
DrWeb 5.0.0.12182 2009.09.08 -
eSafe 7.0.17.0 2009.09.08 JS.Agent.ia
eTrust-Vet 31.6.6725 2009.09.08 -
F-Prot 4.5.1.85 2009.09.07 JS/Strcrypt.B.gen
F-Secure 8.0.14470.0 2009.09.08 -
Fortinet 3.120.0.0 2009.09.08 -
GData 19 2009.09.08 -
Ikarus T3.1.1.72.0 2009.09.08 -
Jiangmin 11.0.800 2009.09.08 -
K7AntiVirus 7.10.837 2009.09.05 -
Kaspersky 7.0.0.125 2009.09.08 -
McAfee 5734 2009.09.07 JS/Tenia.e
McAfee+Artemis 5734 2009.09.07 JS/Tenia.e
McAfee-GW-Edition 6.8.5 2009.09.08 Heuristic.Script.Crypted
Microsoft 1.5005 2009.09.08 Virus:JS/Decdec.A
NOD32 4406 2009.09.08 -
Norman 6.01.09 2009.09.08 HTML/Exploit!IFrame.C
nProtect 2009.1.8.0 2009.09.08 -
Panda 10.0.2.2 2009.09.07 -
PCTools 4.4.2.0 2009.09.07 -
Prevx 3.0 2009.09.08 -
Rising 21.46.14.00 2009.09.08 -
Sophos 4.45.0 2009.09.08 -
Sunbelt 3.2.1858.2 2009.09.07 -
Symantec 1.4.4.12 2009.09.08 -
TheHacker 6.3.4.3.397 2009.09.07 -
TrendMicro 8.950.0.1094 2009.09.08 -
VBA32 3.12.10.10 2009.09.08 -
ViRobot 2009.9.8.1923 2009.09.08 -
VirusBuster 4.6.5.0 2009.09.07 JS.IFramer.N

Additional information
File size: 4009 bytes
MD5...: 4b4508afaf30f9389552e1a2e81538c5
SHA1..: 4a9c90b4a087023fd119700448f7df31936459a8
SHA256: 3c190a48c626f862c6d99e44010d5b8069e9469081bb014125 e4b05face8e5fb
ssdeep: 96:NbKCZmPwX1t14qu52oTwmYSNWw6zB2Anz9PqNZAVkb:ZpmY CquQmwuooAODb
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: GZipped File (100.0%)
packers (F-Prot): packed

[Black_N]

Файл 25b1d33efa9939f544bac5add473f93a получен 2009.09.01 22:00:23 (UTC)
Текущий статус: закончено
Результат: 20/41 (48.78%)

a-squared 4.5.0.24 2009.09.01 Downloader.TMAagent!IK
AhnLab-V3 5.0.0.2 2009.09.01 -
AntiVir 7.9.1.7 2009.09.01 -
Antiy-AVL 2.0.3.7 2009.09.01 Trojan/Win32.FlyStudio.gen
Authentium 5.1.2.4 2009.09.01 W32/Heuristic-DRX!Eldorado
Avast 4.8.1335.0 2009.09.01 -
AVG 8.5.0.406 2009.09.01 PSW.Generic7.GTK
BitDefender 7.2 2009.09.01 -
CAT-QuickHeal 10.00 2009.09.01 Trojan.Agent.IRC
ClamAV 0.94.1 2009.09.01 Trojan.Spy-63288
Comodo 2173 2009.09.01 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.09.01 Adware.TMAgent.31
eSafe 7.0.17.0 2009.09.01 Win32.Packed.Black.D
eTrust-Vet 31.6.6715 2009.09.01 Win32/FlyStudio!generic
F-Prot 4.5.1.85 2009.09.01 W32/Heuristic-DRX!Eldorado
F-Secure 8.0.14470.0 2009.09.01 -
Fortinet 3.120.0.0 2009.09.01 W32/Black.D
GData 19 2009.09.01 -
Ikarus T3.1.1.68.0 2009.09.01 Downloader.TMAagent
Jiangmin 11.0.800 2009.09.01 Trojan/FlyStudio.u
K7AntiVirus 7.10.833 2009.09.01 Trojan-Spy.Win32.FlyStudio.bng
Kaspersky 7.0.0.125 2009.09.01 -
McAfee 5727 2009.09.01 -
McAfee+Artemis 5727 2009.09.01 Artemis!25B1D33EFA99
McAfee-GW-Edition 6.8.5 2009.09.01 -
Microsoft 1.5005 2009.09.01 -
NOD32 4387 2009.09.01 -
Norman 2009.09.01 -
nProtect 2009.1.8.0 2009.09.01 -
Panda 10.0.2.2 2009.09.01 -
PCTools 4.4.2.0 2009.08.31 -
Prevx 3.0 2009.09.01 Medium Risk Malware
Rising 21.45.14.00 2009.09.01 -
Sophos 4.45.0 2009.09.01 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.01 -
Symantec 1.4.4.12 2009.09.01 -
TheHacker 6.3.4.3.394 2009.09.01 Trojan/Spy.FlyStudio.bby
TrendMicro 8.950.0.1094 2009.09.01 -
VBA32 3.12.10.10 2009.09.01 Trojan-Spy.Win32.FlyStudio.bng
ViRobot 2009.9.1.1911 2009.09.01 -
VirusBuster 4.6.5.0 2009.09.01 -

Дополнительная информация
File size: 1840140 bytes
MD5 : 25b1d33efa9939f544bac5add473f93a
SHA1 : 75af58fdf7bbf2bea6cb21f3beccc73fd74ce376
SHA256: 11f9b7aba67c1ac28f5090dd44aa2bc34d9f6bdcd283459324 42efcee81d0a93
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x4911701E (Wed Nov 5 11:06:22 200
machinetype.......: 0x14C (Intel I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x50000 0x21000 8.00 d1fb9d38397b2a31eaab845932b993c0
0x51000 0x13000 0x8200 8.00 64822ae0abc4fbba2039e04da098679a
0x64000 0xA000 0xE00 7.95 23d312d13be95b5680c27897b3732dc5
.rsrc 0x6E000 0x19000 0x6000 7.84 1a29dfd09d8e140067c8e96c37c9679a
.data 0x87000 0x4D000 0x4C400 7.89 edac89f7ac62e65595f57fad9c7b655e
.adata 0xD4000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

( 10 imports )

> advapi32.dll: RegSetValueExW
> comctl32.dll: InitCommonControlsEx
> gdi32.dll: SetBkMode
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA, RaiseException
> ole32.dll: CoTaskMemFree
> oleaut32.dll: -, VariantChangeTypeEx
> shell32.dll: ShellExecuteExW
> shlwapi.dll: PathFindExtensionW
> urlmon.dll: CreateURLMoniker
> user32.dll: SystemParametersInfoW

( 0 exports )
TrID : File type identification
-
ssdeep: 49152:/uUZcNGnM7GLyHPbUHGjwU6C5Z3fwP+ESb:GUZWGMyUbzjwvCT3 fwP+B
Prevx Info: http://info.prevx.com/aboutprogramte...1B0200DFDC0B03
PEiD : -
packers (Kaspersky): PE_Patch, ASProtect
packers (F-Prot): XORCrypt
packers (Authentium): XORCrypt
RDS : NSRL Reference Data Set

[senyak]

File tmasrv.exe received on 2009.09.09 15:43:49 (UTC)
Current status: finished
Result: 7/41 (17.07%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.09 Gen.AdWare!IK
AhnLab-V3 5.0.0.2 2009.09.09 -
AntiVir 7.9.1.12 2009.09.09 TR/Spy.1182720
Antiy-AVL 2.0.3.7 2009.09.09 -
Authentium 5.1.2.4 2009.09.08 -
Avast 4.8.1351.0 2009.09.09 -
AVG 8.5.0.409 2009.09.09 -
BitDefender 7.2 2009.09.09 -
CAT-QuickHeal 10.00 2009.09.09 -
ClamAV 0.94.1 2009.09.09 -
Comodo 2264 2009.09.09 -
DrWeb 5.0.0.12182 2009.09.09 -
eSafe 7.0.17.0 2009.09.09 -
eTrust-Vet 31.6.6727 2009.09.09 -
F-Prot 4.5.1.85 2009.09.08 -
F-Secure 8.0.14470.0 2009.09.09 -
Fortinet 3.120.0.0 2009.09.09 -
GData 19 2009.09.09 -
Ikarus T3.1.1.72.0 2009.09.09 Gen.AdWare
Jiangmin 11.0.800 2009.09.09 -
K7AntiVirus 7.10.839 2009.09.08 -
Kaspersky 7.0.0.125 2009.09.09 -
McAfee 5735 2009.09.08 -
McAfee+Artemis 5735 2009.09.08 Artemis!4D1B295B7A4B
McAfee-GW-Edition 6.8.5 2009.09.09 Trojan.Spy.1182720
Microsoft 1.5005 2009.09.09 -
NOD32 4410 2009.09.09 -
Norman 6.01.09 2009.09.08 -
nProtect 2009.1.8.0 2009.09.09 -
Panda 10.0.2.2 2009.09.08 -
PCTools 4.4.2.0 2009.09.09 -
Prevx 3.0 2009.09.09 -
Rising 21.46.24.00 2009.09.09 -
Sophos 4.45.0 2009.09.09 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.09 -
Symantec 1.4.4.12 2009.09.09 Adware.Gen
TheHacker 6.3.4.3.399 2009.09.09 -
TrendMicro 8.950.0.1094 2009.09.09 -
VBA32 3.12.10.10 2009.09.08 -
ViRobot 2009.9.9.1925 2009.09.09 -
VirusBuster 4.6.5.0 2009.09.09 -

Additional information
File size: 1182720 bytes
MD5 : 4d1b295b7a4bfe65ffd7748f9140ab4f
SHA1 : 0ac4b4129d4f44974e73c6a153edb4ba3192702f
SHA256: 01ec2a6db3937fc3c8e118eb7c1d69148f4086aed8f246ef5c b3cc0fa02a1c3b
PEInfo: PE Structure information

http://www.virustotal.com/analisis/0...c3b-1252511029

[ZhIV]

File twbhml.exe received on 2009.09.11 02:34:56 (UTC)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.11 Worm.Win32.AutoRun!IK
AhnLab-V3 5.0.0.2 2009.09.11 -
AntiVir 7.9.1.14 2009.09.10 TR/Onlinegames.A3
Antiy-AVL 2.0.3.7 2009.09.10 -
Authentium 5.1.2.4 2009.09.11 -
Avast 4.8.1351.0 2009.09.10 AutoIt:Balero-A2
AVG 8.5.0.412 2009.09.10 -
BitDefender 7.2 2009.09.11 Gen:Trojan.Heur.AutoIT.BmNfbWsWXthk
CAT-QuickHeal 10.00 2009.09.10 Trojan.Agent2.efp
ClamAV 0.94.1 2009.09.11 Trojan.Autoit-72
Comodo 2279 2009.09.11 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.0.12182 2009.09.10 Win32.HLLW.Autoruner.based
eSafe 7.0.17.0 2009.09.10 Suspicious File
eTrust-Vet 31.6.6731 2009.09.11 Win32/ASuspect.GIUVB
F-Prot 4.5.1.85 2009.09.10 -
F-Secure 8.0.14470.0 2009.09.11 Trojan.Win32.Autoit.xp
Fortinet 3.120.0.0 2009.09.11 W32/Autoit.XP!tr
GData 19 2009.09.11 Gen:Trojan.Heur.AutoIT.BmNfbWsWXthk
Ikarus T3.1.1.72.0 2009.09.11 Worm.Win32.AutoRun
Jiangmin 11.0.800 2009.09.10 -
K7AntiVirus 7.10.841 2009.09.10 -
Kaspersky 7.0.0.125 2009.09.11 Trojan.Win32.Autoit.xp
McAfee 5737 2009.09.10 W32/Autorun.worm.n
McAfee+Artemis 5737 2009.09.10 W32/Autorun.worm.n
McAfee-GW-Edition 6.8.5 2009.09.10 Trojan.Onlinegames.A3
Microsoft 1.5005 2009.09.10 Worm:AutoIt/Renocide.gen!C
NOD32 4415 2009.09.10 Win32/Packed.Autoit.Gen
Norman 6.01.09 2009.09.10 -
nProtect 2009.1.8.0 2009.09.10 -
Panda 10.0.2.2 2009.09.10 Trj/Zlob.KH
PCTools 4.4.2.0 2009.09.10 -
Prevx 3.0 2009.09.11 -
Rising 21.46.34.00 2009.09.10 -
Sophos 4.45.0 2009.09.11 Mal/Renocide-A
Sunbelt 3.2.1858.2 2009.09.10 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.09.11 W32.Harakit
TheHacker 6.3.4.4.400 2009.09.10 -
TrendMicro 8.950.0.1094 2009.09.10 -
VBA32 3.12.10.10 2009.09.11 Trojan.Autoit.FINT
ViRobot 2009.9.10.1928 2009.09.10 -
VirusBuster 4.6.5.0 2009.09.10 -

Additional information
File size: 445760 bytes
MD5...: d53dc66e910333b580d9ec0d6e745358
SHA1..: 7045defeb210fa154d9f090b916b2aed4f3ce677
SHA256: 673bbf53bb86886b35bfb28263ae053ffee972e31b018cc5b3 3e0604061f8788
ssdeep: 6144:xjk1EHI7OyXfOe5JnVZFrv7p4TKcw5TCWHkENpEMOq15Q kzM6dhb7S6onH:<BR>xjGjPOevnllBcCFfNpj15rrhzCH<BR>
PEiD..: -

[ISO]

Файл 9h2b.dll получен 2009.09.14 01:03:27 (UTC)
Результат: 15/41 (36.59%)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.14 AdWare.Win32.Rugo!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 -
Antiy-AVL 2.0.3.7 2009.09.11 -
Authentium 5.1.2.4 2009.09.13 W32/Rugu.A.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 Gen:Adware.Heur.eu8@NyNmXLib
CAT-QuickHeal 10.00 2009.09.12 Win32.Adware.Rugo.5
ClamAV 0.94.1 2009.09.13 -
Comodo 2309 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 Win32/SillyBHO.HD
F-Prot 4.5.1.85 2009.09.13 W32/Rugu.A.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Gen:Adware.Heur.eu8@NyNmXLib
Ikarus T3.1.1.72.0 2009.09.14 AdWare.Win32.Rugo
Jiangmin 11.0.800 2009.09.13 Adware/Boolans.dh
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 Generic PWS!hv.ah
McAfee+Artemis 5740 2009.09.13 Generic PWS!hv.ah
McAfee-GW-Edition 6.8.5 2009.09.13 Heuristic.LooksLike.Trojan.Pugolbho.L
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Suspicious file
PCTools 4.4.2.0 2009.09.11 Adware.WSearch.O
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.46.61.00 2009.09.13 -
Sophos 4.45.0 2009.09.13 -
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Дополнительная информация
File size: 65536 bytes
MD5...: 847b5800ff5163bda73bb6bec1e7b5b8
SHA1..: 6ead425b2f602a62399b6c3c77dec7ca9d64bbf5
SHA256: 1902a5730af67e7a85a8b53282f7a3eb8ce59bf68ecb6159e9 532a1cc6171dae
ssdeep: 768:w11sDtrZb1eNYwBmVCJHS7C2Mj7KTuqFXL7qTp0tIOiq/kl/:w11sD9AVACV
7KTxN+ytviq/kl/

Файл advcount01.exe получен 2009.09.14 01:09:04 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.14 Gen.Trojan!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Spy.31552.3
Antiy-AVL 2.0.3.7 2009.09.11 -
Authentium 5.1.2.4 2009.09.13 W32/Downloader.M.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 Win32:Trojan-gen {Other}
AVG 8.5.0.412 2009.09.13 Clicker.ABHP
BitDefender 7.2 2009.09.14 Gen:Trojan.Heur.by1brjqzgdkbC
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.13 -
Comodo 2309 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 Trojan.Click.26825
eSafe 7.0.17.0 2009.09.13 Suspicious File
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 W32/Downloader.M.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 PossibleThreat
GData 19 2009.09.14 Gen:Trojan.Heur.by1brjqzgdkbC
Ikarus T3.1.1.72.0 2009.09.14 Gen.Trojan
Jiangmin 11.0.800 2009.09.13 Heur:TrojanDownloader.Agent
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 Generic.dx!fdp
McAfee+Artemis 5740 2009.09.13 Generic.dx!fdp
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 a variant of Win32/TrojanClicker.Agent.NHO
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Trj/CI.A
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.46.61.00 2009.09.13 Trojan.Clicker.Win32.Mnless.bq
Sophos 4.45.0 2009.09.13 Mal/Behav-160
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Spyware.Perfect
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Дополнительная информация
File size: 31552 bytes
MD5...: 9df4238044b5b12e7dfaffdd324da003
SHA1..: c87cae25053204dcf22be2fe054bca5f5ce1758e
SHA256: 9a0fd50cb262f92b930749dcd29ee58c2b937956d5be07fadb 7ec74e04d06059
ssdeep: 768:ECEp27peulkm7EdbrV4YqChJ9RnLxeha5hFJiX:ECEA7/7EdbrrhvQWU


Файл mywcc090908.dll получен 2009.09.14 01:11:49 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.14 Trojan-Spy.Win32.Hitpop!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.09.11 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 Win32ogrobot
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 Gen:Trojan.Heur.PT.bi4@beU@HZf
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.13 -
Comodo 2309 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 Win32.Cymdos
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Gen:Trojan.Heur.PT.bi4@beU@HZf
Ikarus T3.1.1.72.0 2009.09.14 Trojan-Spy.Win32.Hitpop
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 Generic PWS.y!xr
McAfee+Artemis 5740 2009.09.13 Generic PWS.y!xr
McAfee-GW-Edition 6.8.5 2009.09.13 Trojan.Crypt.ZPACK.Gen
Microsoft 1.5005 2009.09.14 TrojanSpy:Win32/Hitpop.gen!D
NOD32 4422 2009.09.13 Win32/Spy.Delf.NHV
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Trj/CI.A
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.46.61.00 2009.09.13 -
Sophos 4.45.0 2009.09.13 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Trojan.Cymdos
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 PAK_Generic.010
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 Trojan.Pophot.Gen.5

Дополнительная информация
File size: 23552 bytes
MD5...: c9ff79150f6b09dec26e013b3a2049ac
SHA1..: 957bd2c5bbfc13e9c7a3c893956d3a882d22415b
SHA256: acad8ddc5482d9d1851920497a84e0c0cc6835b37f38faefb3 8d7ff1a63f34ae
ssdeep: 384:exocmnxzuSKaNrEd7z/Day4Jh5Xn54mMIqv2vRfvXpgCOtEu2QBYwTHaHVNc
:gornxz97w9Wywhf542pffGCAEuW8H2
PEiD..: -
PEInfo: PE Structure information


File bc2b.bmp received on 2009.09.14 03:28:02 (UTC)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 AdWare.Bdsearch!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Agent.49152
Antiy-AVL 2.0.3.7 2009.09.11 -
Authentium 5.1.2.4 2009.09.13 W32/AdAgent.I.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 Win32:Agent-GRW
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 Gen:Adware.Heur.Fu8@GC3wPGdb
CAT-QuickHeal 10.00 2009.09.12 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 Trojan.DownLoader.origin
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 W32/AdAgent.I.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Gen:Adware.Heur.Fu8@GC3wPGdb
Ikarus T3.1.1.72.0 2009.09.14 AdWare.Bdsearch
Jiangmin 11.0.800 2009.09.13 Heur:Adware/MsLock
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!908D37E1A844
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Agent.49152
Microsoft 1.5005 2009.09.14 Adware:Win32/Rugo
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Suspicious file
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.47.00.00 2009.09.14 AdWare.Win32.Undef.ffo
Sophos 4.45.0 2009.09.14 BDSearch
Sunbelt 3.2.1858.2 2009.09.13 Trojan-GameThief.Win32.Magania.bcjs (fs)
Symantec 1.4.4.12 2009.09.14 Adware.Rugo
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 512000 bytes
MD5...: 908d37e1a8444d448785d832d37de983
SHA1..: 2a91e9bb791229e9663f78b8ce03e9925e23455c
SHA256: ea9c37dd1882c7b8e336fcd96a70a2b285d24f0d8b35f6f1b7 53b5df919d129d
ssdeep: 12288:oc51+pq4+DOU3WLfWP0J1DBAbd0iF1YqDN+DdMbZ3lNN TBFtpUdt4cZ9+q
2CV2SQ:oecpq4LjWPC1D+h0iFiqDN+DdMbZ3lN

Файл exxplorer.exe получен 2009.09.14 03:39:23 (UTC)

Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.09.14 Trojan-PWS.Win32.LdPinch!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 -
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 -
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 Trojan.PWS.LDPinch.4308
eSafe 7.0.17.0 2009.09.13 Suspicious File
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 W32/LdPinch.GZC!tr.pws
GData 19 2009.09.14 -
Ikarus T3.1.1.72.0 2009.09.14 Trojan-PWS.Win32.LdPinch
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 Trojan-PSW.Win32.LdPinch.gzc
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!8267450FE86B
McAfee-GW-Edition 6.8.5 2009.09.14 -
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 -
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.47.00.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 -
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 Trojan.PWS.LdPinch.ADJP

Дополнительная информация
File size: 25600 bytes
MD5...: 8267450fe86b82ba30b9e0adf83a0d00
SHA1..: 36f6df163761a424737b2e154b9cc431a51db297
SHA256: 0dbf156ae4378d9900122870afec3a1003db606625abdb631e 1b809ae69c33e3
ssdeep: 768:C5dKrEI4lDpHlKLncbia9JtPP/vMtLaqp:C5gEI4bScbl9Hnv0D


File tmp.exe received on 2009.09.14 03:42:28 (UTC)
Result: 5/41 (12.2%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 -
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 -
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 -
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 -
Ikarus T3.1.1.72.0 2009.09.14 -
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 -
McAfee-GW-Edition 6.8.5 2009.09.14 Heuristic.BehavesLike.Win32.Downloader.P
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 a variant of Win32/Adware.WSearch
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Suspicious file
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.47.00.00 2009.09.14 Trojan.DL.Win32.Nodef.acn
Sophos 4.45.0 2009.09.14 -
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 36864 bytes
MD5...: 365ed9298ddffb076b0b4e770186e629
SHA1..: fb0c9de46a83d2d5af5300bc7d8f41ec8d9591c6
SHA256: 75c15f329c5169ba43eb12c19a81ab66f3dc97272fdc052470 f2a62608d488b4
ssdeep: 384Hg+mUL2qW4cGmsyWPjwUmduLxMRBbGxPmMB+37aQswgaePb3zI zsveCrbhI
MsJB:gQ4jC37a93bkQVyNVmHcGR5Li


File smbsrvce.dll received on 2009.09.14 03:44:49 (UTC)
Result: 21/41 (51.22%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Riskware.Win32.DelfInject!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Renaz.383488
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 W32/Heuristic-THX!Eldorado
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 Win32/Themida
BitDefender 7.2 2009.09.14 Trojan.Generic.2350449
CAT-QuickHeal 10.00 2009.09.12 Backdoor.IRCBot.a
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 Heur.Pck.Themida
DrWeb 5.0.0.12182 2009.09.14 Trojan.Packed.650
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 W32/Heuristic-THX!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 PossibleThreat
GData 19 2009.09.14 Trojan.Generic.2350449
Ikarus T3.1.1.72.0 2009.09.14 VirTool.Win32.DelfInject
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!2C4417C7E7A5
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Renaz.383488
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Generic Malware
PCTools 4.4.2.0 2009.09.11 Packed/Themida.RGa
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.47.00.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 Mal/Behav-285
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 WORM_SDBOT.GAV
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 Packed/Themida

Additional information
File size: 383488 bytes
MD5...: 2c4417c7e7a544d94eda2fc2643470b3
SHA1..: d2c91f95d6caab0ffbadbc089dbfb4558c55b6ae
SHA256: 05a077b7c7d8e5cae432c232c2f45a8d13b9d1057f910ec234 272ae80dbbd99f
ssdeep: 6144:Szu+4KFcie0rFEL98JXZJIxvsFz7mH0iyvjvmxAtVh4vi P3ourY5Y6m1MUR
g5os3:SWSrFsoIQ7mH0NvmxAtjY5poPRuosn3


File P001.exe received on 2009.09.14 03:52:15 (UTC)
Result: 18/41 (43.91%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Trojan.Win32.VB!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 Win32:Trojan-gen {Other}
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 DeepScan:Generic.Malware.Yddld!.94C7730E
CAT-QuickHeal 10.00 2009.09.12 Trojan.Agent.ATV
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 Suspicious File
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.09.14 W32/Emogen.F
GData 19 2009.09.14 DeepScan:Generic.Malware.Yddld!.94C7730E
Ikarus T3.1.1.72.0 2009.09.14 Trojan.Win32.VB
Jiangmin 11.0.800 2009.09.13 TrojanDownloader.VB.rgf
K7AntiVirus 7.10.843 2009.09.12 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!57D6BEACEB3A
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Crypt.XPACK.Gen
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 W32/Obfuscated.BQ!genr
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Trj/Downloader.WHG
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.47.00.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 Mal/Emogen-F
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 9216 bytes
MD5...: 57d6beaceb3a43918a0521c2376ebe0e
SHA1..: e72747b043e1f08c8e8a846f4289a6f1aa3dfb6e
SHA256: a1f2443a179a33a3ed3e5cd03309fdf57fc3ea707558fc1fc5 7677e1c71e2e4b
ssdeep: 192:uQng+h2Vh2+FCEE/I/LSsUVAMlROuF3zRMEVng+KBIEOIjhqlRl3dMEV


File J001.exe received on 2009.09.14 03:52:04 (UTC)
Result: 21/41 (51.22%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Trojan-Downloader.Win32.Apher!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 Win32:Trojan-gen {Other}
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 Trojan.Agent.ANLG
CAT-QuickHeal 10.00 2009.09.12 TrojanDownloader.Apher.ght
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 Backdoor.Win32.CeckNo.J
DrWeb 5.0.0.12182 2009.09.14 DDoS.Attack.230
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Trojan.Agent.ANLG
Ikarus T3.1.1.72.0 2009.09.14 Trojan-Downloader.Win32.Apher
Jiangmin 11.0.800 2009.09.13 TrojanDownloader.Agent.brzo
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 Downloader-BPG
McAfee+Artemis 5740 2009.09.13 Downloader-BPG
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Crypt.XPACK.Gen
Microsoft 1.5005 2009.09.14 Backdoor:Win32/PcClient.EA
NOD32 4422 2009.09.13 a variant of Win32/Agent.OQF
Norman 6.01.09 2009.09.11 W32/GrayBird.ALGG
nProtect 2009.1.8.0 2009.09.12 Trojan/W32.Agent.36108.B
Panda 10.0.2.2 2009.09.13 -
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.47.00.00 2009.09.14 Backdoor.Win32.Mnless.cql
Sophos 4.45.0 2009.09.14 -
Sunbelt 3.2.1858.2 2009.09.13 Trojan-Downloader.Win32.Apher
Symantec 1.4.4.12 2009.09.14 Backdoor.Graybird
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 BKDR_SMALL.LQM
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 36108 bytes
MD5...: 901f2768e9f2147c9c5ae2283ef1ec01
SHA1..: 144ddb517099edcff2312eed307c400ad9acefcd
SHA256: 7afac619038f4ee254085519d64c552f514a9b8bfe3771fbcf 5cad5e62a23a89
ssdeep: 384:2VL3mfc+lIxjgBtaLrYtAkWs8xlzMx4oR9XJH143MFf008 4TL8hVMxgVYJLW
Ldbb:2VEIpgBwa1143cp84fWVwLibaS


File a.exe received on 2009.09.14 03:51:58 (UTC)
Result: 15/41 (36.59%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Trojan.Crypt!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 W32/Laglass!Generic
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 Win32/Heur
BitDefender 7.2 2009.09.14 Gen:Trojan.Heur.Vundo.cqW@bW8Yq!f
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 Win32.TRCrypt.ZPACK
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 W32/Laglass!Generic
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Gen:Trojan.Heur.Vundo.cqW@bW8Yq!f
Ikarus T3.1.1.72.0 2009.09.14 Trojan.Crypt
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!68D1E826A054
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Crypt.ZPACK.Gen
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 a variant of Win32/Agent.PHC
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Trj/CI.A
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 High Risk Worm
Rising 21.47.00.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 -
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Trojan Horse
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 44032 bytes
MD5...: 68d1e826a054eecd579672f3ce61b154
SHA1..: e08d14c28967718c904fd3d0f95c7956b3fbb6d2
SHA256: 8ea9ba653bcaf3c25e3a3e312411c953d34012b4370b31d4a8 df8afbe7f5007a
ssdeep: 768:YjB7GUo/QEhXzuKknGcTt+2pOoEBZaP8EDmx99WE/ns8MYLMsD3s/:EEhXCX
GcTdSaPxQnn3MYg
PEiD..: -


File H001.exe received on 2009.09.14 03:51:51 (UTC)
Result: 28/41 (68.3%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Backdoor.Win32.PcClient!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 DR/PcClient.Gen
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 W32/PcClient.F.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 Win32ownloader-AZY
AVG 8.5.0.412 2009.09.13 BackDoor.PcClient.2.AM
BitDefender 7.2 2009.09.14 Application.Generic.183484
CAT-QuickHeal 10.00 2009.09.12 Backdoor.PcClient.ahfg
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 Backdoor.Win32.PcClient.~D
DrWeb 5.0.0.12182 2009.09.14 Trojan.FakeGina.7
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 Win32/PcClient!generic
F-Prot 4.5.1.85 2009.09.13 W32/PcClient.F.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Application.Generic.183484
Ikarus T3.1.1.72.0 2009.09.14 Backdoor.Win32.PcClient
Jiangmin 11.0.800 2009.09.13 Backdoor/PcClient.wao
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 BackDoor-CKB.dr
McAfee+Artemis 5740 2009.09.13 BackDoor-CKB.dr
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Dropper.PcClient.Gen
Microsoft 1.5005 2009.09.14 Backdoor:Win32/PcClient.AI
NOD32 4422 2009.09.13 a variant of Win32/PcClient.NDE
Norman 6.01.09 2009.09.11 W32/PCClient.SQB
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Suspicious file
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.47.00.00 2009.09.14 Backdoor.Win32.PcClient.xbd
Sophos 4.45.0 2009.09.14 Mal/PCClient-Q
Sunbelt 3.2.1858.2 2009.09.13 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.09.14 Backdoor.Formador
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 BKDR_PCCLIEN.AFR
VBA32 3.12.10.10 2009.09.13 Backdoor.Win32.PcClient.emd
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 Backdoor.DR.PCClient.Gen.7

Additional information
File size: 66790 bytes
MD5...: 98aca1cae8d25af488619628eeff1df8
SHA1..: cc2ecd4f8c0c3eded0789cf7d8c58615ab2a5180
SHA256: 73ae205e4e2be2d12cea39f9ae46a64c556b7b526d58b02b46 dec42c4c096baf
ssdeep: 1536:BtYB1En6567MiYYLi70dHcQNr6JOd3bKsLKoxLFagHgqo km2bh5VrT3wLzn
X6564iYYFd8QNrkcTWAiOh37s


File nqczps.hun received on 2009.09.14 03:51:48 (UTC)
Result: 28/41 (68.3%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Backdoor.Win32.PcClient!IK
AhnLab-V3 5.0.0.2 2009.09.13 Win-Trojan/PcClient.87552.W
AntiVir 7.9.1.14 2009.09.11 BDS/Pcclient.DH.4
Antiy-AVL 2.0.3.7 2009.09.14 Backdoor/Win32.PcClient.gen
Authentium 5.1.2.4 2009.09.13 W32/PcClient.D.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 Win32:Agent-MDR
AVG 8.5.0.412 2009.09.13 BackDoor.PcClient.2.AR
BitDefender 7.2 2009.09.14 Backdoor.Agent.ZWB
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 Backdoor.Win32.PcClient.~ABT
DrWeb 5.0.0.12182 2009.09.14 BackDoor.PcClient.593
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 Win32/PcClient!generic
F-Prot 4.5.1.85 2009.09.13 W32/PcClient.D.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Backdoor.Agent.ZWB
Ikarus T3.1.1.72.0 2009.09.14 Backdoor.Win32.PcClient
Jiangmin 11.0.800 2009.09.13 Backdoor/PcClient.wcx
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 -
McAfee-GW-Edition 6.8.5 2009.09.14 Trojan.Backdoor.Pcclient.DH.4
Microsoft 1.5005 2009.09.14 Backdoor:Win32/PcClient.gen!E
NOD32 4422 2009.09.13 a variant of Win32/PcClient
Norman 6.01.09 2009.09.11 W32/PCClient.SIK
nProtect 2009.1.8.0 2009.09.12 Backdoor/W32.PcClient.96904.E
Panda 10.0.2.2 2009.09.13 Trj/Genetic.gen
PCTools 4.4.2.0 2009.09.11 Backdoor.PCClient.Gen.4
Prevx 3.0 2009.09.14 High Risk Fraudulent Security Program
Rising 21.47.00.00 2009.09.14 Backdoor.Win32.PcClient.wvb
Sophos 4.45.0 2009.09.14 Mal/Behav-228
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Backdoor.Trojan
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 Mal_PClient
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 Backdoor.PCClient.Gen.4

Additional information
File size: 96904 bytes
MD5...: 78cd788ed6d28eae89dc66481e5fb93c
SHA1..: 19032e5baa816cad1e60f51359d1e1e935b97898
SHA256: c6d23b1a744c3dbba50a5f7e6587a8ed813bd84acb31c7b89a 26301c3d012692
ssdeep: 1536tbF3cgewInBOQcuI/JvZXgL5ozg4AEdAOhr/ZnGUUgBoYZ4sd:dbFFBpCq
JvZX5RAE7GUUg7ZVd
PEiD..: -


File mnmsrvc.exe received on 2009.09.14 03:51:44 (UTC)
Result: 11/41 (26.83%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Trojan.Crypt!IK
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 -
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 -
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 Win32.Popwin
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.13 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 -
Ikarus T3.1.1.72.0 2009.09.14 Trojan.Crypt
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 Artemis!C133A02B0F21
McAfee-GW-Edition 6.8.5 2009.09.14 Heuristic.LooksLike.Win32.SuspiciousPE.H!83
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 Win32/Popwin.NCF
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Suspicious file
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 -
Rising 21.47.00.00 2009.09.14 Trojan.Win32.Nodef.lgc
Sophos 4.45.0 2009.09.14 Mal/EncPk-CK
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Trojan.Popwin
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 181630 bytes
MD5...: c133a02b0f216803d0792de59bfc7dc4
SHA1..: 3d4b864e12314b4012cf1cd781b933575a71211c
SHA256: 2424e117b5d8ce14c3599455aba2be15e7325b77cd8101cf2d 0ae610cc7c0183
ssdeep: 3072:SxGnCdresK12bKnLSdu8ztcZVJoyXe9CVlu5Ohja3JSc+ :NDX1IuLsu8zQJ
oJCPuok3Jx+


File gashhk.dll received on 2009.09.14 03:51:35 (UTC)
Result: 6/41 (14.64%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 -
AhnLab-V3 5.0.0.2 2009.09.13 -
AntiVir 7.9.1.14 2009.09.11 -
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 W32/Agent.CM.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 -
AVG 8.5.0.412 2009.09.13 -
BitDefender 7.2 2009.09.14 -
CAT-QuickHeal 10.00 2009.09.12 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 TrojWare.Win32.PSW.OnlineGames.~JBK
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 Win32/Nuj!generic
F-Prot 4.5.1.85 2009.09.13 W32/Agent.CM.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 -
Ikarus T3.1.1.72.0 2009.09.14 -
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 -
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 -
McAfee+Artemis 5740 2009.09.13 -
McAfee-GW-Edition 6.8.5 2009.09.14 Heuristic.BehavesLike.Win32.Spyware.L
Microsoft 1.5005 2009.09.14 -
NOD32 4422 2009.09.13 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 -
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 High Risk Cloaked Malware
Rising 21.47.00.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 -
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 184320 bytes
MD5...: 3ea503ec0456b1cca181412388d642dd
SHA1..: cc18a7959c12ebfe569583ce2c84808d968d5e80
SHA256: e6f777ff6f3d3af8d835b33a20e0bbbc87e92b47739f42c7e6 5de4eb187ce1df
ssdeep: 3072:46+fkCU9C4uyjoIPJPDkravk1d8xdmT3nk4rEWw:466kr C4uyjoIB4rOk1d
8xdMno


File tright.jpg received on 2009.09.14 03:51:27 (UTC)
Result: 28/41 (68.3%)

Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.09.14 Trojan-Downloader.Win32.Winical!IK
AhnLab-V3 5.0.0.2 2009.09.13 Win-Trojan/Agent.212992.KF
AntiVir 7.9.1.14 2009.09.11 TR/Agent.49152
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.13 W32/Downloader.B.gen!Eldorado
Avast 4.8.1351.0 2009.09.13 Win32:Agent-GRW
AVG 8.5.0.412 2009.09.13 Downloader.Generic8.BMWI
BitDefender 7.2 2009.09.14 Application.Generic.206712
CAT-QuickHeal 10.00 2009.09.12 Win32.TrojanDownloader.Winical.A.3
ClamAV 0.94.1 2009.09.14 -
Comodo 2310 2009.09.14 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.09.14 Trojan.Resun.659
eSafe 7.0.17.0 2009.09.13 -
eTrust-Vet 31.6.6733 2009.09.11 Win32/Winical!generic
F-Prot 4.5.1.85 2009.09.13 W32/Downloader.B.gen!Eldorado
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 PossibleThreat
GData 19 2009.09.14 Application.Generic.206712
Ikarus T3.1.1.72.0 2009.09.14 Trojan-Downloader.Win32.Winical
Jiangmin 11.0.800 2009.09.13 -
K7AntiVirus 7.10.843 2009.09.12 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.14 -
McAfee 5740 2009.09.13 Generic Downloader.x!bfj
McAfee+Artemis 5740 2009.09.13 Generic Downloader.x!bfj
McAfee-GW-Edition 6.8.5 2009.09.14 Heuristic.LooksLike.Trojan.Agent.H
Microsoft 1.5005 2009.09.14 TrojanDownloader:Win32/Winical.A
NOD32 4422 2009.09.13 Win32/TrojanDownloader.Adload.NFC
Norman 6.01.09 2009.09.11 W32/DLoader.VSXQ
nProtect 2009.1.8.0 2009.09.12 -
Panda 10.0.2.2 2009.09.13 Generic Trojan
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.14 Medium Risk Malware
Rising 21.47.00.00 2009.09.14 Trojan.DL.Win32.Mnless.etr
Sophos 4.45.0 2009.09.14 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.09.13 -
Symantec 1.4.4.12 2009.09.14 Adware.Rugo
TheHacker 6.3.4.4.402 2009.09.12 -
TrendMicro 8.950.0.1094 2009.09.13 -
VBA32 3.12.10.10 2009.09.13 BScope.Trojan-Downloader.Sun.Obfs
ViRobot 2009.9.12.1932 2009.09.12 -
VirusBuster 4.6.5.0 2009.09.13 -

Additional information
File size: 212992 bytes
MD5...: aef5a45a4f1c61c319da9c5be64487c6
SHA1..: d6ea56276cbbea31a37b41d8f3040d6c288c1883
SHA256: 251d2e74c37215f6dacf4dbb1767cb9ed1cc0c6e5e805b005d a4974de8125638
ssdeep: 3072:uAF6L5Za8AUQRfd0pGc/2KflUYrb1lPcOYhmvxmee3YQul0l2pFYxat:Io8
HQ30MLeXWmv83Y08t

[Winsent]

С зараженного оф. сайта download master

Антивирус Версия Обновление Результат

a-squared 4.5.0.24 2009.09.14 -
AhnLab-V3 5.0.0.2 2009.09.14 -
AntiVir 7.9.1.14 2009.09.14 EXP/Pidief.fyc
Antiy-AVL 2.0.3.7 2009.09.14 -
Authentium 5.1.2.4 2009.09.14 -
Avast 4.8.1351.0 2009.09.14 -
AVG 8.5.0.412 2009.09.14 -
BitDefender 7.2 2009.09.14 Exploit.PDF-JS.Gen
CAT-QuickHeal 10.00 2009.09.14 -
ClamAV 0.94.1 2009.09.14 -
Comodo 2318 2009.09.14 -
DrWeb 5.0.0.12182 2009.09.14 -
eSafe 7.0.17.0 2009.09.14 -
eTrust-Vet 31.6.6736 2009.09.14 -
F-Prot 4.5.1.85 2009.09.14 -
F-Secure 8.0.14470.0 2009.09.13 -
Fortinet 3.120.0.0 2009.09.14 -
GData 19 2009.09.14 Exploit.PDF-JS.Gen
Ikarus T3.1.1.72.0 2009.09.14 -
Jiangmin 11.0.800 2009.09.14 -
K7AntiVirus 7.10.844 2009.09.14 -
Kaspersky 7.0.0.125 2009.09.14 Exploit.Win32.Pidief.bry
McAfee 5741 2009.09.14 -
McAfee+Artemis 5741 2009.09.14 -
McAfee-GW-Edition 6.8.5 2009.09.14 Exploit.Pidief.fyc
Microsoft 1.5005 2009.09.14 -
NOD32 4425 2009.09.14 -
Norman 6.01.09 2009.09.14 -
nProtect 2009.1.8.0 2009.09.14 -
Panda 10.0.2.2 2009.09.14 -
PCTools 4.4.2.0 2009.09.14 -
Prevx 3.0 2009.09.14 -
Rising 21.47.04.00 2009.09.14 -
Sophos 4.45.0 2009.09.14 Mal/PDFJs-L
Sunbelt 3.2.1858.2 2009.09.14 -
Symantec 1.4.4.12 2009.09.14 -
TheHacker 6.3.4.4.403 2009.09.14 -
TrendMicro 8.950.0.1094 2009.09.14 -
VBA32 3.12.10.10 2009.09.13 -
ViRobot 2009.9.14.1934 2009.09.14 -
VirusBuster 4.6.5.0 2009.09.14 -

Дополнительная информация
File size: 75722 bytes
MD5...: dfb9d0d15ddc165cbad1c1cfc105d12f
SHA1..: 5ed057f94d18d97c00d7f03bd1127d805806df39
SHA256: 2a35c7eccc7ef86ad39b30ac60070b57d2cc24873164378500 065967c834c929
ssdeep: 1536:k4zg8x3fNuekfNpLSSxABvhD321t/ez/H32koplSMCgf2Ii2GUJxPNuRf<BR>eSxAv5icDXieM7tf<BR>
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set<BR>-
pdfid.: PDF Header: %PDF-1.4<BR>obj 35<BR>endobj 35<BR>stream 18<BR>endstream 18<BR>xref 1<BR>trailer 1<BR>startxref 1<BR>/Page 1<BR>/Encrypt 0<BR>/ObjStm 0<BR>/JS 5<BR>/JavaScript 6<BR>/AA 0<BR>/OpenAction 0<BR>/JBIG2Decode 0<BR>
trid..: Adobe Portable Document Format (100.0%)


ps: Интересная штука. При попытке проверить ссылку _http://www.westbyte.com/dm/ у dr.web, в итоге проверяется