Исследование антивирусов 7

[ZhIV]

Файл ekfsgs.exe получен 2009.04.01 03:31:06 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.01	Trojan.Win32.Autoit!IK
AhnLab-V3	5.0.0.2	2009.03.31	Win-Trojan/Midgare.236544
AntiVir	7.9.0.129	2009.03.31	TR/Onlinegames.A3
Antiy-AVL	2.0.3.1	2009.03.31	Trojan/Win32.Agent2
Authentium	5.1.2.4	2009.03.31	W32/Trojan3.AIQ
Avast	4.8.1335.0	2009.03.31	Win32:Agent-AEEP
AVG	8.5.0.285	2009.03.31	Agent2.CK
BitDefender	7.2	2009.04.01	Trojan.Heur.AutoIT.1
CAT-QuickHeal	10.00	2009.03.31	Backdoor.Agent.adzv
ClamAV	0.94.1	2009.03.31	Trojan.Autoit-72
Comodo	1092	2009.03.31	-
DrWeb	4.44.0.09170	2009.04.01	-
eSafe	7.0.17.0	2009.03.31	Suspicious File
eTrust-Vet	31.6.6427	2009.03.31	-
F-Prot	4.4.4.56	2009.03.31	W32/Trojan3.AIQ
F-Secure	8.0.14470.0	2009.04.01	Trojan.Win32.Agent2.efp
Fortinet	3.117.0.0	2009.04.01	W32/Autorun.HOZ!worm
GData	19	2009.04.01	Trojan.Heur.AutoIT.1
Ikarus	T3.1.1.49.0	2009.04.01	Trojan.Win32.Autoit
K7AntiVirus	7.10.687	2009.03.31	Trojan.Win32.Midgare.roo
Kaspersky	7.0.0.125	2009.04.01	Trojan.Win32.Agent2.efp
McAfee	5570	2009.03.31	W32/Autorun.worm.n
McAfee+Artemis	5570	2009.03.31	W32/Autorun.worm.n
McAfee-GW-Edition	6.7.6	2009.03.31	Trojan.Onlinegames.A3
Microsoft	1.4502	2009.04.01	-
NOD32	3978	2009.03.31	Win32/Packed.Autoit.Gen
Norman	6.00.06	2009.03.31	W32/Smalltroj.LCYY
nProtect	2009.1.8.0	2009.03.31	Trojan/W32.Agent2.336590
Panda	10.0.0.14	2009.03.31	Trj/Agent.LPX
PCTools	4.4.2.0	2009.03.31	-
Prevx1	V2	2009.04.01	-
Rising	21.23.12.00	2009.03.31	-
Sophos	4.40.0	2009.03.31	-
Sunbelt	3.2.1858.2	2009.04.01	-
Symantec	1.4.4.12	2009.04.01	Infostealer
TheHacker	6.3.3.9.298	2009.04.01	Trojan/Midgare.rvm
TrendMicro	8.700.0.1004	2009.03.31	WORM_AUTORUN.HOZ
VBA32	3.12.10.1	2009.03.31	Trojan.Autoit.gen
ViRobot	2009.3.31.1669	2009.03.31	-
VirusBuster	4.6.5.0	2009.03.31	Trojan.Autoit.MB

Дополнительная информация
File size: 336590 bytes
MD5...: aaf6347999670bd093b5c81c89589d6e
SHA1..: e8e8b5b6f7955d003f502cacefeb74c20706b443
SHA256: 025487b75ca057d42034b02bfb28ee474ac8274771fdb0896c ee3c3267c94d87
SHA512: 97a81f82249245a1c3460d52afea26d346999ee5edafb7a778 12e28603c82675<BR>67ca4eb3120c07541d8094856fc6ec7c b6e03926149ec0e4ae2ef074c234c849
ssdeep: 6144:Ijk1EHI7OyXfOe5JnVZFrv7p4TKcw5TCg5FUq0F4h/4k:IjGjPOevnllBcC<BR>5FX02h/4k<BR>
PEiD..: -

[Surfer]

Файл save.exe получен 2009.04.01 10:05:23 (CET)
Результат: 6/39 (15.39%)

Код:

a-squared	4.0.0.101	2009.04.01	-
AhnLab-V3	5.0.0.2	2009.04.01	-
AntiVir	7.9.0.129	2009.04.01	-
Antiy-AVL	2.0.3.1	2009.04.01	-
Authentium	5.1.2.4	2009.03.31	-
Avast	4.8.1335.0	2009.03.31	-
AVG	8.5.0.285	2009.03.31	Win32/Cryptor
BitDefender	7.2	2009.04.01	-
CAT-QuickHeal	10.00	2009.04.01	-
ClamAV	0.94.1	2009.04.01	-
Comodo	1092	2009.03.31	-
eSafe	7.0.17.0	2009.03.31	-
eTrust-Vet	31.6.6427	2009.03.31	-
F-Prot	4.4.4.56	2009.03.31	-
F-Secure	8.0.14470.0	2009.04.01	-
Fortinet	3.117.0.0	2009.04.01	W32/PackWaledac.C
GData	19	2009.04.01	-
Ikarus	T3.1.1.49.0	2009.04.01	-
K7AntiVirus	7.10.687	2009.03.31	-
Kaspersky	7.0.0.125	2009.04.01	-
McAfee	5570	2009.03.31	New Malware.bx
McAfee+Artemis	5570	2009.03.31	New Malware.bx
McAfee-GW-Edition	6.7.6	2009.04.01	-
Microsoft	1.4502	2009.04.01	Trojan:Win32/Waledac.gen!A
NOD32	3979	2009.03.31	a variant of Win32/Kryptik.LP
Norman	6.00.06	2009.03.31	-
nProtect	2009.1.8.0	2009.04.01	-
Panda	10.0.0.14	2009.03.31	-
PCTools	4.4.2.0	2009.03.31	-
Prevx1	V2	2009.04.01	-
Rising	21.23.20.00	2009.04.01	-
Sophos	4.40.0	2009.04.01	-
Sunbelt	3.2.1858.2	2009.04.01	-
Symantec	1.4.4.12	2009.04.01	-
TheHacker	6.3.4.0.298	2009.04.01	-
TrendMicro	8.700.0.1004	2009.04.01	-
VBA32	3.12.10.1	2009.03.31	-
ViRobot	2009.3.31.1670	2009.04.01	-
VirusBuster	4.6.5.0	2009.03.31	-

http://www.virustotal.com/ru/analisi...c9551622f17a18

[Shu_b]

итого за февраль - март

[GeorgeS]

http://www.virustotal.com/ru/analisi...ff7620ad200542

Результат: 9/39 (23.08%)
Форматированные
Печать результатов Антивирус Версия Обновление Результат
a-squared - - Exploit.Office!IK
AhnLab-V3 - - -
AntiVir - - EXP/Office.G
Antiy-AVL - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
Comodo - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
F-Prot - - -
F-Secure - - -
Fortinet - - -
GData - - -
Ikarus - - Exploit.Office
K7AntiVirus - - -
Kaspersky - - -
McAfee - - Exploit-1Table.b
McAfee+Artemis - - Exploit-1Table.b
McAfee-GW-Edition - - Exploit.Office.G
Microsoft - - -
NOD32 - - -
Norman - - ShellCode.B
nProtect - - -
Panda - - -
PCTools - - -
Prevx1 - - -
Rising - - -
Sophos - - Troj/MalDoc-Fam
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
VBA32 - - suspected of Exploit.Signature
ViRobot - - -
Дополнительная информация
MD5: 96f47ab44b5ddad96531c03c50be8350
SHA1: 25612c5f85b93280e72b30940d56b8b31f6b8413
SHA256: 2f71a19178e7b09d49d87b12f7a5013bab49896ddb811bb08b b6353ba3857e76
SHA512: 8143524c328cf0c0c254f378ca59a3115e19162becaa0d7de8 d4b3ab1c1c11530e8fd0598cbbc9c7ba9f2c5c89f362d6e29c 13c617553c63e4501ea0565905fb

Просьба публиковать полные результаты, в данном виде (неизвестно когда выполненная) подсчитываться не будет.

Файл ______________________.doc получен 2009.03.28 19:37:05 (CET)
Добавил. Извиняюсь только начинаю слать. На компьютере стоят NOD32 BE 4 и Касперский СОС - оба соотв-но файл не приняли за вирус.

[ZhIV]

Файл actxprxy.dll получен 2009.04.07 04:42:28 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Trojan-Downloader.Win32.Small!IK
AhnLab-V3	5.0.0.2	2009.04.06	-
AntiVir	7.9.0.138	2009.04.06	-
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/Backdoor2.DWJU
Avast	4.8.1335.0	2009.04.06	Win32:Patched-JQ
AVG	8.5.0.285	2009.04.07	Win32/Patched.AC
BitDefender	7.2	2009.04.07	Trojan.Generic.1251266
CAT-QuickHeal	10.00	2009.04.06	TrojanDownloader.Small.ap
ClamAV	0.94.1	2009.04.06	-
Comodo	1101	2009.04.06	-
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	Win32.ActxHck.a
eTrust-Vet	31.6.6440	2009.04.07	-
F-Prot	4.4.4.56	2009.04.07	W32/Backdoor2.DWJU
F-Secure	8.0.14470.0	2009.04.07	-
Fortinet	3.117.0.0	2009.04.07	W32/ActxHck.A!tr
GData	19	2009.04.07	Trojan.Generic.1251266
Ikarus	T3.1.1.49.0	2009.04.07	Trojan-Downloader.Win32.Small
K7AntiVirus	7.10.694	2009.04.06	Trojan.Win32.Malware
Kaspersky	7.0.0.125	2009.04.07	-
McAfee	5576	2009.04.06	Generic.dx
McAfee+Artemis	5576	2009.04.06	Generic.dx
McAfee-GW-Edition	6.7.6	2009.04.06	-
Microsoft	1.4502	2009.04.07	-
NOD32	3990	2009.04.06	-
Norman	6.00.06	2009.04.06	W32/Downloader.UHH
nProtect	2009.1.8.0	2009.04.07	-
Panda	10.0.0.14	2009.04.06	Trj/CI.A
PCTools	4.4.2.0	2009.04.06	-
Prevx1	V2	2009.04.07	-
Rising	21.23.41.00	2009.04.03	Win32.Agent.bs
Sophos	4.40.0	2009.04.07	Troj/ActxHck-A
Sunbelt	3.2.1858.2	2009.04.06	Trojan.1
Symantec	1.4.4.12	2009.04.07	-
TheHacker	6.3.4.0.303	2009.04.07	-
TrendMicro	8.700.0.1004	2009.04.06	-
VBA32	3.12.10.2	2009.04.07	-
ViRobot	2009.4.6.1680	2009.04.06	-
VirusBuster	4.6.5.0	2009.04.06	Backdoor.Agent.IPDH

Дополнительная информация
File size: 98304 bytes
MD5...: 0b1213e1023872091024aaeae85de230
SHA1..: f23a4cb5478b3f0064f6aff171dd0d7791b0ee9f
SHA256: 0d9e22d5dc99e4c02d96441dbbb92e4767c965133250e3fb2c ac850226578d1c
SHA512: a44228486f404dd69c2e3c6fa9f474f40b104d55d16d06b293 bd76123df93a40<BR>de08f167a35cf3b3317e88c1fe016dc9 3c1e52f86649be9d7228b59ea90d1e19
ssdeep: 1536:9ayC3Uhcf6vpvM6c9ZCwjkLwwLS+OikWVyBzo78:h5jcD wv+7ikJBzog<BR>
PEiD..: -

Добавлено через 9 минут

Файл A06_1_.exe получен 2009.04.07 05:02:06 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Generic.Onlinegames!IK
AhnLab-V3	5.0.0.2	2009.04.06	-
AntiVir	7.9.0.138	2009.04.06	TR/Crypt.XDR.Gen
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/OnlineGames.CA.gen!Eldorado
Avast	4.8.1335.0	2009.04.06	Win32:Agent-ACMH
AVG	8.5.0.285	2009.04.07	Downloader.Zlob_r.FK
BitDefender	7.2	2009.04.07	Generic.Onlinegames.14.3AB5EF82
CAT-QuickHeal	10.00	2009.04.06	-
ClamAV	0.94.1	2009.04.06	-
Comodo	1101	2009.04.06	-
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	Suspicious File
eTrust-Vet	31.6.6440	2009.04.07	Win32/Gamepass!generic
F-Prot	4.4.4.56	2009.04.07	W32/OnlineGames.CA.gen!Eldorado
F-Secure	8.0.14470.0	2009.04.07	Trojan-GameThief.Win32.Magania.aydy
Fortinet	3.117.0.0	2009.04.07	SPY/LdPinch
GData	19	2009.04.07	Generic.Onlinegames.14.3AB5EF82
Ikarus	T3.1.1.49.0	2009.04.07	Generic.Onlinegames
K7AntiVirus	7.10.694	2009.04.06	Trojan-PSW.Win32.Magania.aydy
Kaspersky	7.0.0.125	2009.04.07	Trojan-GameThief.Win32.Magania.aydy
McAfee	5576	2009.04.06	Generic Dropper.eb
McAfee+Artemis	5576	2009.04.06	Generic Dropper.eb
McAfee-GW-Edition	6.7.6	2009.04.06	Trojan.Crypt.XDR.Gen
Microsoft	1.4502	2009.04.07	PWS:Win32/Ldpinch.BY
NOD32	3990	2009.04.06	probably a variant of Win32/PSW.OnLineGames.NRD
Norman	6.00.06	2009.04.06	-
nProtect	2009.1.8.0	2009.04.07	-
Panda	10.0.0.14	2009.04.06	Trj/Lineage.BZE
PCTools	4.4.2.0	2009.04.06	-
Prevx1	V2	2009.04.07	Medium Risk Malware Dropper
Rising	21.23.41.00	2009.04.03	-
Sophos	4.40.0	2009.04.07	Troj/LdPinch-SE
Sunbelt	3.2.1858.2	2009.04.06	Trojan-GameThief.Win32.Magania.aydy
Symantec	1.4.4.12	2009.04.07	Infostealer.Gampass
TheHacker	6.3.4.0.303	2009.04.07	Trojan/Magania.aydy
TrendMicro	8.700.0.1004	2009.04.06	Possible_Movly-1
VBA32	3.12.10.2	2009.04.07	Trojan-GameThief.Win32.Magania.aydy
ViRobot	2009.4.6.1680	2009.04.06	-
VirusBuster	4.6.5.0	2009.04.06	Trojan.DR.OnlineGames.Gen.118

Дополнительная информация
File size: 22142 bytes
MD5...: bda8924fbf125a97a1830ba60a6516f2
SHA1..: 7db492eae22ea8200f631ffa8561709d009b2221
SHA256: 32d44eb218461fafb2b36b1eb3d95231d4f7e7ac972f479614 937921096706ac
SHA512: 042118f5566def5e807b5c07dab7d90e449fb834dafeef6451 7b0c4e3380435d<BR>9f737b2622489be93cc513db13fd06f8 ad2d9bf7118d10b4f5a9fcbcf2763f45
ssdeep: 384:cMQDBcN/8OPwR2fES1EIRjO6p4ym0kWOzx+lsoQb414I54x1:vQDON//PwRL<BR>SeIVp4F0TOzAlsoQbiqH<BR>
PEiD..: UPX 2.90 [LZMA] -&gt; Markus Oberhumer, Laszlo Molnar &amp; John Reiser

Добавлено через 10 минут

Файл D51_1_.exe получен 2009.04.07 05:14:18 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	-
AhnLab-V3	5.0.0.2	2009.04.06	Dropper/Agent.15360.I
AntiVir	7.9.0.138	2009.04.06	TR/Drop.Zena.A
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/Dropper.AGQO
Avast	4.8.1335.0	2009.04.06	-
AVG	8.5.0.285	2009.04.07	PSW.OnlineGames.BGHS
BitDefender	7.2	2009.04.07	Dropped:Trojan.Generic.1459536
CAT-QuickHeal	10.00	2009.04.06	TrojanDropper.Agent.zje
ClamAV	0.94.1	2009.04.06	-
Comodo	1101	2009.04.06	-
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	-
eTrust-Vet	31.6.6440	2009.04.07	-
F-Prot	4.4.4.56	2009.04.07	W32/Dropper.AGQO
F-Secure	8.0.14470.0	2009.04.07	Trojan-Dropper.Win32.Agent.zje
Fortinet	3.117.0.0	2009.04.07	-
GData	19	2009.04.07	Dropped:Trojan.Generic.1459536
Ikarus	T3.1.1.49.0	2009.04.07	-
K7AntiVirus	7.10.694	2009.04.06	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.04.07	Trojan-Dropper.Win32.Agent.zje
McAfee	5576	2009.04.06	-
McAfee+Artemis	5576	2009.04.06	-
McAfee-GW-Edition	6.7.6	2009.04.06	Trojan.Drop.Zena.A
Microsoft	1.4502	2009.04.07	Exploit:Win32/Siveras.E
NOD32	3991	2009.04.07	Win32/TrojanDropper.Agent.ZJE
Norman	6.00.06	2009.04.06	W32/Agent.LTIS.dropper
nProtect	2009.1.8.0	2009.04.07	Trojan-Dropper/W32.Agent.15360.G
Panda	10.0.0.14	2009.04.06	-
PCTools	4.4.2.0	2009.04.06	-
Prevx1	V2	2009.04.07	-
Rising	21.24.10.00	2009.04.07	Trojan.Win32.Undef.soe
Sophos	4.40.0	2009.04.07	Mal/Behav-112
Sunbelt	3.2.1858.2	2009.04.06	-
Symantec	1.4.4.12	2009.04.07	-
TheHacker	6.3.4.0.303	2009.04.07	Trojan/Dropper.Agent.zje
TrendMicro	8.700.0.1004	2009.04.06	PAK_Generic.001
VBA32	3.12.10.2	2009.04.07	Trojan-Dropper.Win32.Agent.zje
ViRobot	2009.4.6.1680	2009.04.06	Trojan.Win32.Agent.15360.AW
VirusBuster	4.6.5.0	2009.04.06	Trojan.DR.Agent.GCWR

Дополнительная информация
File size: 15360 bytes
MD5...: 60ed6c46181c2df285719f541ef3dc07
SHA1..: a9fbc6fb501b28d668878e9c61797bcea536d788
SHA256: 632b17dd78ddbff3d587ee47e3b8ae3d6c7750382049fec13c 2e05d148624106
SHA512: 0eb800bba9aa29ad72d7f4390e6ba875d0001978d224ba28c0 0a703d9ad0dabd<BR>74579026e47218bd7d021a3662854318 42d62c7cfa6a587311ae58dec3681735
ssdeep: 384:20Rs1LvqfARgiQGtMFgi+ZxKQ3b8zBXs:200LSfRiQLgi+ ZH86<BR>
PEiD..: Armadillo v1.71

Добавлено через 4 минуты

Файл oleadp.dll получен 2009.04.07 05:15:01 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Trojan-Dropper.Agent!IK
AhnLab-V3	5.0.0.2	2009.04.06	-
AntiVir	7.9.0.138	2009.04.06	TR/Small.bbp
Antiy-AVL	2.0.3.1	2009.04.06	Trojan/Win32.Agent
Authentium	5.1.2.4	2009.04.07	W32/Downldr2.FHII
Avast	4.8.1335.0	2009.04.06	Win32:Trojan-gen {Other}
AVG	8.5.0.285	2009.04.07	Downloader.Agent.AQQU
BitDefender	7.2	2009.04.07	Trojan.Generic.1602684
CAT-QuickHeal	10.00	2009.04.06	TrojanDownloader.Agent.atpy
ClamAV	0.94.1	2009.04.06	Trojan.Downloader-62080
Comodo	1101	2009.04.06	TrojWare.Win32.TrojanDownloader.Agent.~AGW
DrWeb	4.44.0.09170	2009.04.07	DLOADER.Trojan
eSafe	7.0.17.0	2009.04.06	Win32.TRSmall.bbp
eTrust-Vet	31.6.6440	2009.04.07	Win32/SillyDl.GMQ
F-Prot	4.4.4.56	2009.04.07	W32/Downldr2.FHII
F-Secure	8.0.14470.0	2009.04.07	Trojan-Downloader.Win32.Agent.atpy
Fortinet	3.117.0.0	2009.04.07	W32/Agent.ATPY!tr.dldr
GData	19	2009.04.07	Trojan.Generic.1602684
Ikarus	T3.1.1.49.0	2009.04.07	Trojan-Dropper.Agent
K7AntiVirus	7.10.694	2009.04.06	Trojan-Downloader.Win32.Agent.atpy
Kaspersky	7.0.0.125	2009.04.07	Trojan-Downloader.Win32.Agent.atpy
McAfee	5576	2009.04.06	Generic Downloader.x
McAfee+Artemis	5576	2009.04.06	Generic Downloader.x
McAfee-GW-Edition	6.7.6	2009.04.06	Trojan.Small.bbp
Microsoft	1.4502	2009.04.07	TrojanDownloader:Win32/Agent.YD
NOD32	3991	2009.04.07	Win32/Agent.ONC
Norman	6.00.06	2009.04.06	W32/Agent.LUMN
nProtect	2009.1.8.0	2009.04.07	Trojan-Downloader/W32.Agent.22016.AY
Panda	10.0.0.14	2009.04.06	Trj/Downloader.MDW
PCTools	4.4.2.0	2009.04.06	Trojan-Downloader.Agent!sd6
Prevx1	V2	2009.04.07	High Risk Worm
Rising	21.24.10.00	2009.04.07	Trojan.Win32.Undef.vbf
Sophos	4.40.0	2009.04.07	-
Sunbelt	3.2.1858.2	2009.04.06	Trojan-Downloader.Win32.Agent.atpy
Symantec	1.4.4.12	2009.04.07	Trojan Horse
TheHacker	6.3.4.0.303	2009.04.07	Trojan/Downloader.Agent.atpy
TrendMicro	8.700.0.1004	2009.04.06	-
VBA32	3.12.10.2	2009.04.07	Win32.Agent.ONC
ViRobot	2009.4.6.1680	2009.04.06	-
VirusBuster	4.6.5.0	2009.04.06	Trojan.DL.Agent.IQPW

Дополнительная информация
File size: 22016 bytes
MD5...: 9ec06018e2a05e3851386959fde7aa91
SHA1..: a9fb4c9fcd54c2c13f1be33a40a242717998fc3f
SHA256: 88ab242f80ed5cfc01de25ec6d77fdc79ae2fc28a6d271d653 884757c34f872c
SHA512: ffaf5ed79d443eeb6f1406d6cf4d691a55744c2e63cfdb4bff e92feee719fdf0<BR>5382f2c15c08fd69c81c56caaa48b55d a2aa6c0a443bd841d6bec8b74edc5b80
ssdeep: 384:6tNZ/z4wmn8caDy8D/QW4YqPnEKzwFbL4HPx21VyHPWvyWNdaeI:6tNZ/z49<BR>kDo9xEiTHPgUH0J4e<BR>
PEiD..: Armadillo v1.xx - v2.xx

Добавлено через 1 минуту

Файл D9C002DD.dll получен 2009.04.07 0507 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Generic.Onlinegames!IK
AhnLab-V3	5.0.0.2	2009.04.06	-
AntiVir	7.9.0.138	2009.04.06	TR/Spy.Gen
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/OnlineGames.CA.gen!Eldorado
Avast	4.8.1335.0	2009.04.06	Win32:Agent-ACMH
AVG	8.5.0.285	2009.04.07	PSW.OnlineGames3.ARG
BitDefender	7.2	2009.04.07	Generic.Onlinegames.14.8518F76E
CAT-QuickHeal	10.00	2009.04.06	-
ClamAV	0.94.1	2009.04.06	-
Comodo	1101	2009.04.06	-
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	Win32.TRSpy
eTrust-Vet	31.6.6440	2009.04.07	Win32/Gamepass!generic
F-Prot	4.4.4.56	2009.04.07	W32/OnlineGames.CA.gen!Eldorado
F-Secure	8.0.14470.0	2009.04.07	Trojan-GameThief.Win32.Magania.ayej
Fortinet	3.117.0.0	2009.04.07	W32/OnlineGames.MIG!tr.pws
GData	19	2009.04.07	Generic.Onlinegames.14.8518F76E
Ikarus	T3.1.1.49.0	2009.04.07	Generic.Onlinegames
K7AntiVirus	7.10.694	2009.04.06	Trojan-PSW.Win32.Magania.ayej
Kaspersky	7.0.0.125	2009.04.07	Trojan-GameThief.Win32.Magania.ayej
McAfee	5576	2009.04.06	-
McAfee+Artemis	5576	2009.04.06	Generic!Artemis
McAfee-GW-Edition	6.7.6	2009.04.06	Trojan.Spy.Gen
Microsoft	1.4502	2009.04.07	PWS:Win32/OnLineGames.CP
NOD32	3991	2009.04.07	probably a variant of Win32/PSW.OnLineGames.NRD
Norman	6.00.06	2009.04.06	-
nProtect	2009.1.8.0	2009.04.07	-
Panda	10.0.0.14	2009.04.06	-
Prevx1	V2	2009.04.07	High Risk Fraudulent Security Program
Rising	21.24.10.00	2009.04.07	Trojan.PSW.Win32.Undef.bcn
Sophos	4.40.0	2009.04.07	Troj/LdPinch-SE
Sunbelt	3.2.1858.2	2009.04.06	-
Symantec	1.4.4.12	2009.04.07	Infostealer.Gampass
TheHacker	6.3.4.0.303	2009.04.07	Trojan/Magania.ayej
TrendMicro	8.700.0.1004	2009.04.06	Mal_OLGM-23
VBA32	3.12.10.2	2009.04.07	Malware-Dropper.Win32.Inject.gen
ViRobot	2009.4.6.1680	2009.04.06	-
VirusBuster	4.6.5.0	2009.04.06	-

Дополнительная информация
File size: 220262 bytes
MD5...: bf332508508a665c2f9c71b855291772
SHA1..: a43d9b9185594c43475214295c096a7872f07a69
SHA256: 7654c35f26bbae3bf8ff8673e243c351ac3dd7641efecc28d8 ea38e4fe63eaf6
SHA512: 282bc26860d1a497e2eed982e3cadaa1cd16995c6a247d5c3c 054146a1c2cfba<BR>c0f4dd78617799ad362b2290ec182d27 9f715ae6380e3bf3e29b9452f8585f22
ssdeep: 192:MeUH36HA2Y+Y8tG1Eaag1b3DgngOzqryaD3kzGQ6dA30nY YsG/OBLa09R+UJ<BR>n:Mec36TQEaa+8gO2dAKvd2pG/OBD3Tn<BR>
PEiD..: -

Добавлено через 5 минут

Файл MB29kg.EXE получен 2009.04.07 05:26:48 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Backdoor.Win32.Agobot!IK
AhnLab-V3	5.0.0.2	2009.04.06	-
AntiVir	7.9.0.138	2009.04.06	-
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/Heuristic-210!Eldorado
Avast	4.8.1335.0	2009.04.06	-
AVG	8.5.0.285	2009.04.07	-
BitDefender	7.2	2009.04.07	-
CAT-QuickHeal	10.00	2009.04.06	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.04.06	-
Comodo	1101	2009.04.06	-
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	Suspicious File
eTrust-Vet	31.6.6440	2009.04.07	-
F-Prot	4.4.4.56	2009.04.07	W32/Heuristic-210!Eldorado
F-Secure	8.0.14470.0	2009.04.07	-
Fortinet	3.117.0.0	2009.04.07	-
GData	19	2009.04.07	-
Ikarus	T3.1.1.49.0	2009.04.07	Backdoor.Win32.Agobot
K7AntiVirus	7.10.694	2009.04.06	-
Kaspersky	7.0.0.125	2009.04.07	-
McAfee	5576	2009.04.06	-
McAfee+Artemis	5576	2009.04.06	-
McAfee-GW-Edition	6.7.6	2009.04.06	-
Microsoft	1.4502	2009.04.07	-
NOD32	3991	2009.04.07	-
Norman	6.00.06	2009.04.06	-
nProtect	2009.1.8.0	2009.04.07	-
Panda	10.0.0.14	2009.04.06	-
PCTools	4.4.2.0	2009.04.06	-
Prevx1	V2	2009.04.07	-
Rising	21.24.10.00	2009.04.07	-
Sophos	4.40.0	2009.04.07	Sus/ComPack-C
Sunbelt	3.2.1858.2	2009.04.06	VIPRE.Suspicious
Symantec	1.4.4.12	2009.04.07	-
TheHacker	6.3.4.0.303	2009.04.07	W32/Behav-Heuristic-066
TrendMicro	8.700.0.1004	2009.04.06	PAK_Generic.001
VBA32	3.12.10.2	2009.04.07	-
ViRobot	2009.4.6.1680	2009.04.06	-
VirusBuster	4.6.5.0	2009.04.06	-

Дополнительная информация
File size: 33280 bytes
MD5...: e971a74fff55c8a03b442e347418ca44
SHA1..: 2e0aa84614aff0841821503388f4c7626a27cb56
SHA256: b88153e71f4f6d5f64e7273c6368535c7fe2133c03562f1d17 5c29f21c07cd4b
SHA512: 13bc982455bc910a1f64e529ccdb611630f6be9d1dbbecdf71 56dd0f6ad7f8e5<BR>3d610abcdba89c9f04916ece68d9d5fc 0ea6eeea8c0c096d25dd9bbf481b8681
ssdeep: 7681H+8TAC5TcP0P8lypWkcVXJgqUdsuQVLjq+UumnBrjVIJ8oNDv x1PTb0l<BR>G8XJgoVPjqBrjVIHDvx<BR>
PEiD..: -

Добавлено через 1 час 39 минут

Файл Dc1.dll получен 2009.04.07 07:02:45 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.07	Trojan.Horse.Pws.Ldpinch.DQY!IK
AhnLab-V3	5.0.0.2	2009.04.06	Win-Trojan/LdPinch.26112.BW
AntiVir	7.9.0.138	2009.04.06	-
Antiy-AVL	2.0.3.1	2009.04.06	-
Authentium	5.1.2.4	2009.04.07	W32/Trojan.BPOL
Avast	4.8.1335.0	2009.04.06	-
AVG	8.5.0.285	2009.04.07	-
BitDefender	7.2	2009.04.07	Trojan.Horse.Pws.Ldpinch.DQY
CAT-QuickHeal	10.00	2009.04.06	-
ClamAV	0.94.1	2009.04.07	Trojan.PWS.LdPinch.DQY
Comodo	1101	2009.04.06	Unclassified Malware
DrWeb	4.44.0.09170	2009.04.07	-
eSafe	7.0.17.0	2009.04.06	Suspicious File
eTrust-Vet	31.6.6440	2009.04.07	Win32/VMalum.ABBN
F-Prot	4.4.4.56	2009.04.07	W32/Trojan.BPOL
F-Secure	8.0.14470.0	2009.04.07	-
Fortinet	3.117.0.0	2009.04.07	PossibleThreat
GData	19	2009.04.07	Trojan.Horse.Pws.Ldpinch.DQY
Ikarus	T3.1.1.49.0	2009.04.07	Trojan.Horse.Pws.Ldpinch.DQY
K7AntiVirus	7.10.694	2009.04.06	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.04.07	-
McAfee	5576	2009.04.06	Generic.dx
McAfee+Artemis	5576	2009.04.06	Generic.dx
McAfee-GW-Edition	6.7.6	2009.04.06	-
Microsoft	1.4502	2009.04.07	-
NOD32	3991	2009.04.07	-
Norman	6.00.06	2009.04.06	W32/LdPinch.IYH
nProtect	2009.1.8.0	2009.04.07	Trojan-PWS/W32.LdPinch.26112.C
Panda	10.0.0.14	2009.04.06	-
PCTools	4.4.2.0	2009.04.06	Trojan.Agent.DXEG
Prevx1	V2	2009.04.07	High Risk Information Stealer
Rising	21.24.10.00	2009.04.07	Trojan.PSW.Win32.LdPinch.rat
Sophos	4.40.0	2009.04.07	-
Sunbelt	3.2.1858.2	2009.04.06	Trojan.Horse.Pws.Ldpinch.DQY
Symantec	1.4.4.12	2009.04.07	Infostealer
TheHacker	6.3.4.0.303	2009.04.07	-
TrendMicro	8.700.0.1004	2009.04.07	PAK_Generic.001
VBA32	3.12.10.2	2009.04.07	-
ViRobot	2009.4.7.1681	2009.04.07	-
VirusBuster	4.6.5.0	2009.04.06	Trojan.Agent.DXEG

Дополнительная информация
File size: 26112 bytes
MD5...: 32f93c22f79f6658721e82e55f31006a
SHA1..: bbcd66ac2e2298f06d245c0c6ba6fa5ac7cb0857
SHA256: bdfa01e0831c33b13b39bf8fb810bb2b401f703cccb9f5a590 ae89b74af9973f
SHA512: 3de27ce23db3fa0bf6bb0363fe2bc3d52d6df9c728456f8496 cfc8f83eb9a7c8<BR>e5b14d8a964bfcfacf008b3d9f81a381 7f75d08ca249e891b1886e00246bfd20
ssdeep: 384:vZmwHCvIsmQsp3dLTouFEVimS6LTswyuYjNTlcZSGhOFXS b9n7:vZmVveQsZ<BR>dvxIi/biAFCbp<BR>
PEiD..: -

[Kuzz]

Файл avz00001.dta получен 2009.04.08 14:10:46 (CET)
Текущий статус: закончено
Результат: 8/40 (20%)

Код:

Антивирус 	Версия 	Обновление 	Результат
a-squared	4.0.0.101	2009.04.08	-
AhnLab-V3	5.0.0.2	2009.04.08	-
AntiVir	7.9.0.138	2009.04.08	-
Antiy-AVL	2.0.3.1	2009.04.08	Backdoor/Win32.KeyStart
Authentium	5.1.2.4	2009.04.08	W32/Damaged_File.gen!Eldorado
Avast	4.8.1335.0	2009.04.07	-
AVG	8.5.0.285	2009.04.08	-
BitDefender	7.2	2009.04.08	-
CAT-QuickHeal	10.00	2009.04.08	-
ClamAV	0.94.1	2009.04.08	-
Comodo	1105	2009.04.08	-
DrWeb	4.44.0.09170	2009.04.08	Trojan.DownLoad.31797
eSafe	7.0.17.0	2009.04.07	Suspicious File
eTrust-Vet	31.6.6444	2009.04.08	-
F-Prot	4.4.4.56	2009.04.08	W32/Damaged_File.gen!Eldorado
F-Secure	8.0.14470.0	2009.04.08	-
Fortinet	3.117.0.0	2009.04.08	-
GData	19	2009.04.08	-
Ikarus	T3.1.1.49.0	2009.04.08	-
K7AntiVirus	7.10.695	2009.04.07	-
Kaspersky	7.0.0.125	2009.04.08	-
McAfee	5577	2009.04.07	-
McAfee+Artemis	5577	2009.04.07	-
McAfee-GW-Edition	6.7.6	2009.04.08	Win32.Malware.dam (suspicious)
Microsoft	1.4502	2009.04.08	-
NOD32	3994	2009.04.07	-
Norman	6.00.06	2009.04.08	-
nProtect	2009.1.8.0	2009.04.08	-
Panda	10.0.0.14	2009.04.07	-
PCTools	4.4.2.0	2009.04.07	-
Prevx1	V2	2009.04.08	-
Rising	21.24.22.00	2009.04.08	-
Sophos	4.40.0	2009.04.08	-
Sunbelt	3.2.1858.2	2009.04.08	VIPRE.Suspicious
Symantec	1.4.4.12	2009.04.08	Suspicious.MH690.A
TheHacker	6.3.4.0.303	2009.04.08	-
TrendMicro	8.700.0.1004	2009.04.08	-
VBA32	3.12.10.2	2009.04.08	-
ViRobot	2009.4.7.1684	2009.04.08	-
VirusBuster	4.6.5.0	2009.04.07	-

Дополнительная информация
File size: 70722 bytes
MD5...: 88b7e71e3f16a3b1951af96a4fcd0a3b
SHA1..: 78ce49106664b3f0423d6352c26947a496dbe72b
SHA256: 62c390e08ab7168b88eb9701a72d26bb0fe67e47ca9a7aaf3a 612be1d5bcf102
SHA512: f75b65fd88017a4b0b92ffbdb58005dc071c660f88e49a9a89 4902ca455226d1
9d7a6292da7ed63aaddab8758f8d2678b348be9cdf0c1ecc83 4b0baaa9413986
ssdeep: 1536:Q6ybwt5R4uxGUex9IElFoEyPo0JF4W7R2ltXD+LKibO:C bwtL4uwbxCStyv
FRglUE
PEiD..: -

Добавлено через 3 минуты

Файл avz00002.dta получен 2009.04.08 14:10:55 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.08	Trojan-Spy.Finanz.J!IK
AhnLab-V3	5.0.0.2	2009.04.08	-
AntiVir	7.9.0.138	2009.04.08	TR/Dldr.Age.orh.1.A
Antiy-AVL	2.0.3.1	2009.04.08	-
Authentium	5.1.2.4	2009.04.08	-
Avast	4.8.1335.0	2009.04.07	-
AVG	8.5.0.285	2009.04.08	-
BitDefender	7.2	2009.04.08	-
CAT-QuickHeal	10.00	2009.04.08	-
ClamAV	0.94.1	2009.04.08	-
Comodo	1105	2009.04.08	-
DrWeb	4.44.0.09170	2009.04.08	-
eSafe	7.0.17.0	2009.04.07	Suspicious File
eTrust-Vet	31.6.6444	2009.04.08	-
F-Prot	4.4.4.56	2009.04.08	-
F-Secure	8.0.14470.0	2009.04.08	-
Fortinet	3.117.0.0	2009.04.08	-
GData	19	2009.04.08	-
Ikarus	T3.1.1.49.0	2009.04.08	Trojan-Spy.Finanz.J
K7AntiVirus	7.10.695	2009.04.07	-
Kaspersky	7.0.0.125	2009.04.08	-
McAfee	5577	2009.04.07	Downloader-BAR
McAfee+Artemis	5577	2009.04.07	Generic!Artemis
McAfee-GW-Edition	6.7.6	2009.04.08	Trojan.Dldr.Age.orh.1.A
Microsoft	1.4502	2009.04.08	TrojanDownloader:Win32/Slupim.B
NOD32	3994	2009.04.07	-
Norman	6.00.06	2009.04.08	-
nProtect	2009.1.8.0	2009.04.08	-
Panda	10.0.0.14	2009.04.07	-
PCTools	4.4.2.0	2009.04.07	-
Prevx1	V2	2009.04.08	Medium Risk Malware
Rising	21.24.22.00	2009.04.08	-
Sophos	4.40.0	2009.04.08	Mal/Generic-A
Sunbelt	3.2.1858.2	2009.04.08	-
Symantec	1.4.4.12	2009.04.08	Downloader
TheHacker	6.3.4.0.303	2009.04.08	-
TrendMicro	8.700.0.1004	2009.04.08	PAK_Generic.001
VBA32	3.12.10.2	2009.04.08	-
ViRobot	2009.4.7.1684	2009.04.08	-
VirusBuster	4.6.5.0	2009.04.07	-

Дополнительная информация
File size: 33280 bytes
MD5...: 9e1715c7898a8cd97a162711886989dc
SHA1..: 7777b0cc0bc5894aba0bbcf7bb76f501e58056dd
SHA256: 20adffebe69bf64ea0ec708335a357ff423258733bead565cc 6489277beadfa7
SHA512: add645ddc6629446aab0313f6a4587a9887479be830e0417e3 ddabcf3dd6f606<br>9ffd3c395c79e45e418f77df42344afe f13895311ff7dcf17b8fcdc331a7a090
ssdeep: 768:MghekVD4bDLwkXL621bClvRt+ki4Xl5i/2AQxyBr:MWHVcbfjLh1bIptni4X<br>Li/2H<br>
PEiD..: -

Добавлено через 2 минуты

Файл avz00008.dta получен 2009.04.08 14:13:43 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.08	-
AhnLab-V3	5.0.0.2	2009.04.08	-
AntiVir	7.9.0.138	2009.04.08	HEUR/Malware
Antiy-AVL	2.0.3.1	2009.04.08	-
Authentium	5.1.2.4	2009.04.08	-
Avast	4.8.1335.0	2009.04.07	-
AVG	8.5.0.285	2009.04.08	-
BitDefender	7.2	2009.04.08	BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal	10.00	2009.04.08	-
ClamAV	0.94.1	2009.04.08	-
Comodo	1105	2009.04.08	-
DrWeb	4.44.0.09170	2009.04.08	-
eSafe	7.0.17.0	2009.04.07	Suspicious File
eTrust-Vet	31.6.6444	2009.04.08	-
F-Prot	4.4.4.56	2009.04.08	-
F-Secure	8.0.14470.0	2009.04.08	-
Fortinet	3.117.0.0	2009.04.08	-
GData	19	2009.04.08	BehavesLike:Win32.ExplorerHijack
Ikarus	T3.1.1.49.0	2009.04.08	-
K7AntiVirus	7.10.695	2009.04.07	-
Kaspersky	7.0.0.125	2009.04.08	Heur.Trojan.Generic
McAfee	5577	2009.04.07	-
McAfee+Artemis	5577	2009.04.07	-
McAfee-GW-Edition	6.7.6	2009.04.08	Heuristic.Malware
Microsoft	1.4502	2009.04.08	-
NOD32	3994	2009.04.07	-
Norman	6.00.06	2009.04.08	-
nProtect	2009.1.8.0	2009.04.08	-
Panda	10.0.0.14	2009.04.07	-
PCTools	4.4.2.0	2009.04.07	-
Prevx1	V2	2009.04.08	High Risk Cloaked Malware
Rising	21.24.22.00	2009.04.08	-
Sophos	4.40.0	2009.04.08	-
Sunbelt	3.2.1858.2	2009.04.08	-
Symantec	1.4.4.12	2009.04.08	-
TheHacker	6.3.4.0.303	2009.04.08	-
TrendMicro	8.700.0.1004	2009.04.08	PAK_Generic.001
VBA32	3.12.10.2	2009.04.08	-
ViRobot	2009.4.7.1684	2009.04.08	-
VirusBuster	4.6.5.0	2009.04.07	-

Дополнительная информация
File size: 61952 bytes
MD5...: 6dc3e5662cfc21669bb56bc99ff80060
SHA1..: f054eade47d031d80e5dd2737442a014cf157433
SHA256: f63f22ed4d5ac8e7c6db26b17aeb8f7cb4c5994de1ba486757 7bd63fdd5b0926
SHA512: 2b86681ef5cf71553da6a5834ad815f72fae38ed38fd691151 d4c79d7f6ab3fe<br>ebf79e7834c4902dc08d00ede69f7701 9366dd7d22e8a1626897bf24bf18e11a
ssdeep: 1536:NBEb/fUusufovK9D0OJkncY3tzQuAPRjCenGkolgRA:NBEb/suNQA6nxt/A<br>pjCkXJu<br>
PEiD..: UPX 2.90 [LZMA] -&gt; Markus Oberhumer, Laszlo Molnar &amp; John Reiser

[senyak]

Файл __________.jar.jar получен 2009.04.08 17:25:21 (CET)
Текущий статус: закончено
Результат: 8/40 (20.00%)

Результат: 8/40 (20%)
Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.08 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.04.08 -
AntiVir 7.9.0.138 2009.04.08 JAVA/SMS.Konov.e
Antiy-AVL 2.0.3.1 2009.04.08 Trojan/J2ME.Konov
Authentium 5.1.2.4 2009.04.08 -
Avast 4.8.1335.0 2009.04.08 -
AVG 8.5.0.285 2009.04.08 -
BitDefender 7.2 2009.04.08 -
CAT-QuickHeal 10.00 2009.04.08 -
ClamAV 0.94.1 2009.04.08 -
Comodo 1105 2009.04.08 -
DrWeb 4.44.0.09170 2009.04.08 Java.SMSSend.18
eSafe 7.0.17.0 2009.04.07 -
eTrust-Vet 31.6.6444 2009.04.08 -
F-Prot 4.4.4.56 2009.04.08 -
F-Secure 8.0.14470.0 2009.04.08 Trojan-SMS.J2ME.Konov.e
Fortinet 3.117.0.0 2009.04.08 -
GData 19 2009.04.08 -
Ikarus T3.1.1.49.0 2009.04.08 Trojan-SMS
K7AntiVirus 7.10.695 2009.04.07 -
Kaspersky 7.0.0.125 2009.04.08 Trojan-SMS.J2ME.Konov.e
McAfee 5577 2009.04.07 -
McAfee+Artemis 5577 2009.04.07 -
McAfee-GW-Edition 6.7.6 2009.04.08 -
Microsoft 1.4502 2009.04.08 -
NOD32 3995 2009.04.08 -
Norman 6.00.06 2009.04.08 -
nProtect 2009.1.8.0 2009.04.08 -
Panda 10.0.0.14 2009.04.08 -
PCTools 4.4.2.0 2009.04.08 -
Prevx1 V2 2009.04.08 -
Rising 21.24.22.00 2009.04.08 -
Sophos 4.40.0 2009.04.08 -
Sunbelt 3.2.1858.2 2009.04.08 -
Symantec 1.4.4.12 2009.04.08 Trojan Horse
TheHacker 6.3.4.0.303 2009.04.08 -
TrendMicro 8.700.0.1004 2009.04.08 -
VBA32 3.12.10.2 2009.04.08 -
ViRobot 2009.4.7.1684 2009.04.08 -
VirusBuster 4.6.5.0 2009.04.08 -

Дополнительная информация
File size: 2366 bytes
MD5...: bef6ca276e3cef380b163c22a119e14c
SHA1..: 6b81c2d01e9fe4dfded625e12be770d7bbdf952c
SHA256: 934fb9228051fa17ae23c39e614f636402f87f2b1bb886a997 381a0964e2f475
SHA512: a217a183c5952e164e93045db0c03c5d26dfa25481b174a87c 491bd835b155fa
64deb241673056fe5c14dc070666130c214d00b97bd499e26e e8b0be91f4e92c
ssdeep: 48:51FTQo0tOURs9y3VeiTEzrTnHOCmmJwLnDfTBEm7FTiOURs9qVeiT6THmX3
J
PEiD..: -
TrID..: File type identification
Java Archive (78.2%)
ZIP compressed archive (21.5%)
Sybase iAnywhere database files (0.1%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
RDS...: NSRL Reference Data Set
-

[senyak]

Файл system32.vbs получен 2009.04.11 02:04:48 (CET)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: 16/40 (40%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.11 Trojan.VBS.KillFiles!IK
AhnLab-V3 5.0.0.2 2009.04.10 -
AntiVir 7.9.0.138 2009.04.10 VBS/KillFiles.U
Antiy-AVL 2.0.3.1 2009.04.10 Trojan/VBS.Disabler
Authentium 5.1.2.4 2009.04.10 VBS/KillFil.U
Avast 4.8.1335.0 2009.04.10 VBSjuka-A
AVG 8.5.0.285 2009.04.10 VBS/Agent
BitDefender 7.2 2009.04.11 -
CAT-QuickHeal 10.00 2009.04.10 -
ClamAV 0.94.1 2009.04.10 Trojan.VBS.Ejector
Comodo 1109 2009.04.10 -
DrWeb 4.44.0.09170 2009.04.11 VBS.Corruptor.7
eSafe 7.0.17.0 2009.04.07 -
eTrust-Vet 31.6.6450 2009.04.11 -
F-Prot 4.4.4.56 2009.04.10 VBS/KillFil.U
F-Secure 8.0.14470.0 2009.04.10 Trojan.VBS.Disabler.j
Fortinet 3.117.0.0 2009.04.10 -
GData 19 2009.04.11 VBSjuka-A
Ikarus T3.1.1.49.0 2009.04.11 Trojan.VBS.KillFiles
K7AntiVirus 7.10.698 2009.04.09 -
Kaspersky 7.0.0.125 2009.04.11 Trojan.VBS.Disabler.j
McAfee 5580 2009.04.10 -
McAfee+Artemis 5580 2009.04.10 -
McAfee-GW-Edition 6.7.6 2009.04.10 Script.KillFiles.U
Microsoft 1.4502 2009.04.10 -
NOD32 4000 2009.04.10 VBS/Agent.D
Norman 6.00.06 2009.04.09 VBS/Agent.A
nProtect 2009.1.8.0 2009.04.10 -
Panda 10.0.0.14 2009.04.10 -
PCTools 4.4.2.0 2009.04.08 -
Prevx1 V2 2009.04.11 -
Rising 21.24.44.00 2009.04.10 -
Sophos 4.40.0 2009.04.11 -
Sunbelt 3.2.1858.2 2009.04.10 -
Symantec 1.4.4.12 2009.04.11 -
TheHacker 6.3.4.0.305 2009.04.10 -
TrendMicro 8.700.0.1004 2009.04.10 -
VBA32 3.12.10.2 2009.04.10 -
ViRobot 2009.4.10.1688 2009.04.10 -
VirusBuster 4.6.5.0 2009.04.10 -

Дополнительная информация
File size: 7554 bytes
MD5...: f990e831063777c40c6826eb49824986
SHA1..: cb901d7c022d02078cf76f319f5519e41cbd75ed
SHA256: fcac063882593e4809163985420da76021f8e4fe45a036b879 b5f708bedeca8d
SHA512: 79a3bd8dd8d4c3e83202755b844b0b7d14d76911572dba7cba ce3dcf131e2dd2
28f1a45243e5c5263332062b9456d114392f823287c23a60fa 708d2de5ae0b1b
ssdeep: 96:unqEsuV2EsV2EFb2GRdU6MtMoas4rYiHn7feAYIc6CMlBz/fNIDIS5deIHyyG
Kq3:uH2/2IUNm4UqgMF0CHztc/0QJF
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
RDS...: NSRL Reference Data Set




Файл Datren.com получен 2009.04.11 02:07:53 (CET)
Текущий статус: Закончено
Результат: 11/39 (28.21%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.11 Trojan.BAT.KillFiles!IK
AhnLab-V3 5.0.0.2 2009.04.10 -
AntiVir 7.9.0.138 2009.04.10 BDS/Killfiles.FW
Antiy-AVL 2.0.3.1 2009.04.10 Trojan/BAT.KillFiles
Authentium 5.1.2.4 2009.04.10 -
Avast 4.8.1335.0 2009.04.10 -
AVG 8.5.0.285 2009.04.10 -
BitDefender 7.2 2009.04.11 -
CAT-QuickHeal 10.00 2009.04.10 -
ClamAV 0.94.1 2009.04.10 -
Comodo 1109 2009.04.10 TrojWare.BAT.KillFiles.fw
DrWeb 4.44.0.09170 2009.04.11 Trojan.Gds.3318
eSafe 7.0.17.0 2009.04.07 -
eTrust-Vet 31.6.6450 2009.04.11 -
F-Prot 4.4.4.56 2009.04.10 -
Fortinet 3.117.0.0 2009.04.10 -
GData 19 2009.04.11 -
Ikarus T3.1.1.49.0 2009.04.11 Trojan.BAT.KillFiles
K7AntiVirus 7.10.698 2009.04.09 -
Kaspersky 7.0.0.125 2009.04.11 Trojan.BAT.KillFiles.fw
McAfee 5580 2009.04.10 -
McAfee+Artemis 5580 2009.04.10 -
McAfee-GW-Edition 6.7.6 2009.04.10 Trojan.Backdoor.Killfiles.FW
Microsoft 1.4502 2009.04.10 -
NOD32 4000 2009.04.10 -
Norman 6.00.06 2009.04.09 -
nProtect 2009.1.8.0 2009.04.10 -
Panda 10.0.0.14 2009.04.10 -
PCTools 4.4.2.0 2009.04.08 -
Prevx1 V2 2009.04.11 Medium Risk Malware
Rising 21.24.44.00 2009.04.10 -
Sophos 4.40.0 2009.04.11 -
Sunbelt 3.2.1858.2 2009.04.10 -
Symantec 1.4.4.12 2009.04.11 Trojan Horse
TheHacker 6.3.4.0.305 2009.04.10 -
TrendMicro 8.700.0.1004 2009.04.10 -
VBA32 3.12.10.2 2009.04.10 -
ViRobot 2009.4.10.1688 2009.04.10 Spyware.KillFiles.3318
VirusBuster 4.6.5.0 2009.04.10 -

[senyak]

Файл codec.exe получен 2009.04.11 20:26:58 (CET)
Текущий статус: Закончено

Результат: 14/40 (35%)
Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.11 -
AhnLab-V3 5.0.0.2 2009.04.11 -
AntiVir 7.9.0.138 2009.04.11 TR/Dldr.Agent.bqxq
Antiy-AVL 2.0.3.1 2009.04.11 -
Authentium 5.1.2.4 2009.04.11 -
Avast 4.8.1335.0 2009.04.10 -
AVG 8.5.0.285 2009.04.11 Win32/Heur
BitDefender 7.2 2009.04.11 Trojan.Delf.PQY
CAT-QuickHeal 10.00 2009.04.10 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.04.10 -
Comodo 1110 2009.04.11 -
DrWeb 4.44.0.09170 2009.04.11 -
eSafe 7.0.17.0 2009.04.07 Suspicious File
eTrust-Vet 31.6.6450 2009.04.11 -
F-Prot 4.4.4.56 2009.04.11 -
F-Secure 8.0.14470.0 2009.04.11 Trojan-Downloader.Win32.Agent.bqxq
Fortinet 3.117.0.0 2009.04.11 -
GData 19 2009.04.11 Trojan.Delf.PQY
Ikarus T3.1.1.49.0 2009.04.11 -
K7AntiVirus 7.10.700 2009.04.11 Trojan-Downloader.Win32.Agent.bqxq
Kaspersky 7.0.0.125 2009.04.11 Trojan-Downloader.Win32.Agent.bqxq
McAfee 5581 2009.04.11 -
McAfee+Artemis 5581 2009.04.11 -
McAfee-GW-Edition 6.7.6 2009.04.11 Trojan.Dldr.Agent.bqxq
Microsoft 1.4502 2009.04.11 TrojanDownloader:Win32/FakeRean
NOD32 4001 2009.04.11 -
Norman 6.00.06 2009.04.09 -
nProtect 2009.1.8.0 2009.04.11 -
Panda 10.0.0.14 2009.04.11 -
PCTools 4.4.2.0 2009.04.08 -
Prevx1 V2 2009.04.11 Medium Risk Malware
Rising 21.24.52.00 2009.04.11 -
Sophos 4.40.0 2009.04.11 -
Sunbelt 3.2.1858.2 2009.04.11 -
Symantec 1.4.4.12 2009.04.11 Downloader.MisleadApp
TheHacker 6.3.4.0.305 2009.04.11 Trojan/Downloader.Agent.bqxq
TrendMicro 8.700.0.1004 2009.04.10 -
VBA32 3.12.10.2 2009.04.10 -
ViRobot 2009.4.10.1688 2009.04.10 -
VirusBuster 4.6.5.0 2009.04.11 -

Дополнительная информация
File size: 106499 bytes
MD5...: 8aaa3a771b8d223ad587875dac6c82ac
SHA1..: 48416374c9f692b355ad50bd7ee7c41d866f1e7b
SHA256: 6d6368088c1f2e028342ddbf2409f2cf094b3e5ecedb3c4f59 e13fd70c6c2b89
SHA512: a52dc8e212d714a3304adeeb7f8538afc1209a9796cd17e7cd d5e31b1443ccc6
c07816f893eb3effad1d8976ffa9453e743bb4d1b6ca259569 8b0c2dbcceda50
ssdeep: 3072:j7EE/Iufd4dhGH2Ha3sFVsmT9IN/ai9X3kuy:j7E+fdxyssLBYM
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

Добавлено через 6 часов 3 минуты

Файл _________________________________ получен 2009.04.12 01:51:12 (CET)
Текущий статус: Закончено
Результат: 17/40 (42.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.12 Trojan-Clicker.JS.Agent.h!IK
AhnLab-V3 5.0.0.2 2009.04.11 -
AntiVir 7.9.0.138 2009.04.11 HTML/Crypted.Gen
Antiy-AVL 2.0.3.1 2009.04.11 -
Authentium 5.1.2.4 2009.04.11 -
Avast 4.8.1335.0 2009.04.11 HTML:Iframe-inf
AVG 8.5.0.285 2009.04.11 JS/Downloader.Agent
BitDefender 7.2 2009.04.12 -
CAT-QuickHeal 10.00 2009.04.10 JS/Agent.H1
ClamAV 0.94.1 2009.04.10 -
Comodo 1110 2009.04.11 -
DrWeb 4.44.0.09170 2009.04.11 -
eSafe 7.0.17.0 2009.04.07 JS.Iframe.en
eTrust-Vet 31.6.6450 2009.04.11 -
F-Prot 4.4.4.56 2009.04.11 -
F-Secure 8.0.14470.0 2009.04.11 Trojan-Clicker.JS.Agent.h
Fortinet 3.117.0.0 2009.04.11 -
GData 19 2009.04.12 HTML:Iframe-inf
Ikarus T3.1.1.49.0 2009.04.12 Trojan-Clicker.JS.Agent.h
K7AntiVirus 7.10.700 2009.04.11 -
Kaspersky 7.0.0.125 2009.04.12 Trojan-Clicker.JS.Agent.h
McAfee 5581 2009.04.11 JS/Downloader.gen
McAfee+Artemis 5581 2009.04.11 JS/Downloader.gen
McAfee-GW-Edition 6.7.6 2009.04.11 Heuristic.Script.Crypted
Microsoft 1.4502 2009.04.11 TrojanDownloader:JS/Psyme.gen
NOD32 4002 2009.04.11 -
Norman 6.00.06 2009.04.09 -
nProtect 2009.1.8.0 2009.04.11 -
Panda 10.0.0.14 2009.04.11 -
PCTools 4.4.2.0 2009.04.08 -
Prevx1 V2 2009.04.12 -
Rising 21.24.52.00 2009.04.11 -
Sophos 4.40.0 2009.04.11 Mal/ObfJS-AB
Sunbelt 3.2.1858.2 2009.04.11 Exploit.HTML.IFrame.gen (v)
Symantec 1.4.4.12 2009.04.12 -
TheHacker 6.3.4.0.305 2009.04.11 -
TrendMicro 8.700.0.1004 2009.04.10 Mal_Hifrm-2
VBA32 3.12.10.2 2009.04.10 -
ViRobot 2009.4.10.1688 2009.04.10 -
VirusBuster 4.6.5.0 2009.04.11 -

Дополнительная информация
File size: 1731 bytes
MD5...: e7d92c8f8fa5b347dd1cf068501e0eea
SHA1..: 623912671069117568d20b850b3424f46f83063a
SHA256: edc7fe75ef8392fad84b256e6145b7eba31017a32eab01f5b3 26ea288c523b6c
SHA512: b6b2a2fd237b0e6f5123aed7b0ffd3e343b9918d936cc76424 ece6ffa143c3e0
924c634f5eaf5c0d1e423cfeb25cd22ecce68f1f90b7eccd2a 0e475761be18f5
ssdeep: 48:f+LVIrRo7kB+swHyfMI3/nWlBY08rMWFQ+ez:fG8R/nkyL3PWMMWwz
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
RDS...: NSRL Reference Data Set

[vlad179]

Файл a получен 2009.04.12 05:51:23 (CET)

Результат: 11/40 (27.5%)
Форматированные
Печать результатов

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.12 Trojan-Downloader.JS.Psyme.cv!IK
AhnLab-V3	5.0.0.2	2009.04.11	-
AntiVir	7.9.0.138	2009.04.11	HTML/Crypted.Gen
Antiy-AVL	2.0.3.1	2009.04.12	-
Authentium	5.1.2.4	2009.04.11	-
Avast	4.8.1335.0	2009.04.11	-
AVG	8.5.0.285	2009.04.11	JS/Downloader.Agent
BitDefender	7.2	2009.04.12	-
CAT-QuickHeal	10.00	2009.04.10	-
ClamAV	0.94.1	2009.04.12	-
Comodo	1110	2009.04.11	-
DrWeb	4.44.0.09170	2009.04.11	VBS.Psyme.377
eSafe	7.0.17.0	2009.04.07	-
eTrust-Vet	31.6.6450	2009.04.11	-
F-Prot	4.4.4.56	2009.04.11	-
F-Secure	8.0.14470.0	2009.04.11	Trojan-Downloader.JS.Iframe.arf
Fortinet	3.117.0.0	2009.04.11	-
GData	19	2009.04.12	-
Ikarus	T3.1.1.49.0	2009.04.12	Trojan-Downloader.JS.Psyme.cv
K7AntiVirus	7.10.700	2009.04.11	-
Kaspersky	7.0.0.125	2009.04.12	Trojan-Downloader.JS.Iframe.arf
McAfee	5581	2009.04.11	JS/Wonka
McAfee+Artemis	5581	2009.04.11	JS/Wonka
McAfee-GW-Edition	6.7.6	2009.04.11	Heuristic.Script.Crypted
Microsoft	1.4502	2009.04.11	-
NOD32	4002	2009.04.11	-
Norman	6.00.06	2009.04.09	-
nProtect	2009.1.8.0	2009.04.12	-
Panda	10.0.0.14	2009.04.11	-
PCTools	4.4.2.0	2009.04.08	-
Prevx1	V2	2009.04.12	-
Rising	21.24.60.00	2009.04.12	-
Sophos	4.40.0	2009.04.12	-
Sunbelt	3.2.1858.2	2009.04.11	Trojan-Clicker.HTML.IFrame.gen (v)
Symantec	1.4.4.12	2009.04.12	-
TheHacker	6.3.4.0.305	2009.04.11	-
TrendMicro	8.700.0.1004	2009.04.10	-
VBA32	3.12.10.2	2009.04.12	-
ViRobot	2009.4.10.1688	2009.04.10	-
VirusBuster	4.6.5.0	2009.04.11	-

File size: 1549 bytes
MD5...: 7f4e8243134674c085a634ac5e55f99a
SHA1..: 2e45e93b83d33f93dc8bc1842f8f64647925be23
SHA256: ef507f7328beb544db81d52935d982c67099a6874c39bfafaf 10acedebbe50e3
SHA512: 571344b99bb358b4cbbbc11480c5702143bbd54f2e580beda3 e8586f157cae4e
ad0fe3c6d05b3141b7c52e96127ff70d2df7d53e1fef6e815c f435d347150bea
ssdeep: 24:gcWnHtnI0dNbeYh5zox64JWTXBU7Me49kCqvzocc7TvQ3pp nEGWYWSjhHQG1Q
/NV:gc4IaxeepoLWTXB09LozX4U7YHX1QlVj
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
RDS...: NSRL Reference Data Set

[ISO]

Прислали ссылку в ICQ

Привет!Новый Jimm c новыми функциями и уменьшенным потреблением
траффика.

File Jimm_aspro_FIX.jar received on 04.13.2009 17:57:20 (CET)

Код:

Antivirus 	Version 	Last Update 	Result
a-squared	4.0.0.101	2009.04.13	Riskware.RiskTool.J2ME!IK
AhnLab-V3	5.0.0.2	2009.04.13	-
AntiVir	7.9.0.138	2009.04.13	-
Antiy-AVL	2.0.3.1	2009.04.13	-
Authentium	5.1.2.4	2009.04.13	-
Avast	4.8.1335.0	2009.04.13	-
AVG	8.5.0.285	2009.04.13	-
BitDefender	7.2	2009.04.13	-
CAT-QuickHeal	10.00	2009.04.13	-
ClamAV	0.94.1	2009.04.13	-
Comodo	1112	2009.04.13	-
DrWeb	4.44.0.09170	2009.04.13	-
eSafe	7.0.17.0	2009.04.13	-
eTrust-Vet	31.6.6453	2009.04.13	-
F-Prot	4.4.4.56	2009.04.11	-
F-Secure	8.0.14470.0	2009.04.13	RiskTool.J2ME.SMSreg.b
Fortinet	3.117.0.0	2009.04.13	-
GData	19	2009.04.13	-
Ikarus	T3.1.1.49.0	2009.04.13	not-a-virus:RiskTool.J2ME
K7AntiVirus	7.10.700	2009.04.11	-
Kaspersky	7.0.0.125	2009.04.13	not-a-virus:RiskTool.J2ME.SMSreg.b
McAfee	5583	2009.04.13	-
McAfee+Artemis	5583	2009.04.13	-
McAfee-GW-Edition	6.7.6	2009.04.13	-
Microsoft	1.4502	2009.04.13	-
NOD32	4004	2009.04.13	-
Norman	6.00.06	2009.04.13	-
nProtect	2009.1.8.0	2009.04.13	-
Panda	10.0.0.14	2009.04.13	-
PCTools	4.4.2.0	2009.04.08	-
Prevx1	V2	2009.04.13	-
Rising	21.25.04.00	2009.04.13	-
Sophos	4.40.0	2009.04.13	-
Sunbelt	3.2.1858.2	2009.04.12	-
Symantec	1.4.4.12	2009.04.13	-
TheHacker	6.3.4.0.306	2009.04.12	-
TrendMicro	8.700.0.1004	2009.04.13	-
VBA32	3.12.10.2	2009.04.12	-
ViRobot	2009.4.13.1690	2009.04.13	-
VirusBuster	4.6.5.0	2009.04.12	-

Additional information
File size: 115340 bytes
MD5...: 363e6ac5d28abd06ac0bd7c4c1b80eb9
SHA1..: 3e42a10bd76253b3ac8c8b60aadff65489311c4a
SHA256: 313529b483e47b9f3cf6e49503fc9abba0b4f94f675b6d9a82 ac24511783ef1f
SHA512: 0c1697a5000ce5941b15090564d62abfd500c363363edf70fa 02df20ce2f5767
5c4f886b1635fd0381195f54a7df88fe17162bf99695374f8e 3a1e58f3a6abca
ssdeep: 1536:0zETyjVPxLgXLYECpYJX6ihRwZUMwnImJzAWZ6pPI65lq l2turtVLG36uM5
Dw3OW:NEikXQqih6ZUxnpJM26FlqwwvLGe5057
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
RDS...: NSRL Reference Data Set

А теперь ещё и предложение скачать DrWeb для мобильного телефона.

File DrWeb.jar received on 04.13.2009 18:30:16 (CET)

Код:

Antivirus 	Version 	Last Update 	Result
a-squared	4.0.0.101	2009.04.13	Trojan-SMS!IK
AhnLab-V3	5.0.0.2	2009.04.13	-
AntiVir	7.9.0.138	2009.04.13	JAVA/SMS.Smaram.C
Antiy-AVL	2.0.3.1	2009.04.13	-
Authentium	5.1.2.4	2009.04.13	-
Avast	4.8.1335.0	2009.04.13	Other:Malware-gen
AVG	8.5.0.285	2009.04.13	-
BitDefender	7.2	2009.04.13	-
CAT-QuickHeal	10.00	2009.04.13	-
ClamAV	0.94.1	2009.04.13	-
Comodo	1112	2009.04.13	-
DrWeb	4.44.0.09170	2009.04.13	Java.SMSSend.5
eSafe	7.0.17.0	2009.04.13	-
eTrust-Vet	31.6.6453	2009.04.13	-
F-Prot	4.4.4.56	2009.04.13	-
F-Secure	8.0.14470.0	2009.04.13	Trojan-SMS.J2ME.Smarm.c
Fortinet	3.117.0.0	2009.04.13	-
GData	19	2009.04.13	Other:Malware-gen
Ikarus	T3.1.1.49.0	2009.04.13	Trojan-SMS
K7AntiVirus	7.10.700	2009.04.11	-
Kaspersky	7.0.0.125	2009.04.13	Trojan-SMS.J2ME.Smarm.c
McAfee	5583	2009.04.13	-
McAfee+Artemis	5583	2009.04.13	-
McAfee-GW-Edition	6.7.6	2009.04.13	Java.SMS.Smaram.C
Microsoft	1.4502	2009.04.13	-
NOD32	4004	2009.04.13	-
Norman	6.00.06	2009.04.13	-
nProtect	2009.1.8.0	2009.04.13	-
Panda	10.0.0.14	2009.04.13	-
PCTools	4.4.2.0	2009.04.08	-
Prevx1	V2	2009.04.13	High Risk Cloaked Malware
Rising	21.25.04.00	2009.04.13	-
Sophos	4.40.0	2009.04.13	-
Sunbelt	3.2.1858.2	2009.04.12	-
Symantec	1.4.4.12	2009.04.13	-
TheHacker	6.3.4.0.306	2009.04.12	-
TrendMicro	8.700.0.1004	2009.04.13	-
VBA32	3.12.10.2	2009.04.12	-
ViRobot	2009.4.13.1690	2009.04.13	-
VirusBuster	4.6.5.0	2009.04.12	-

Additional information
File size: 106796 bytes
MD5...: 8ba96aa0b0d72cd433e6716522cf03f9
SHA1..: 35a2670378c8c93adbbe9f53beaae73d0f0a0316
SHA256: 42201f0de9e0157ef05cf891c814ce9364706f8d05e518e937 34eb18d6499c0a
SHA512: c0f2463a41c81a5befaacf3130dfd26b6c7ac27f09abc4cfd1 163300eafaf5d8
31a20d72ab0ec6194e5e0b27236448ba83413062b206c308aa 9ce29f5eaa14eb
ssdeep: 1536:opV51puBccBcaBcEBcSBccBch4BcdWBchABc9uBchIBc7 U:V1blblRD5jxQ
U
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
RDS...: NSRL Reference Data Set

[senyak]

Файл jimm.jar получен 2009.04.14 13:44:53 (CET)
Текущий статус: закончено
Результат: 9/40 (22.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.14 Trojan-SMS!IK
AhnLab-V3 5.0.0.2 2009.04.14 -
AntiVir 7.9.0.138 2009.04.14 JAVA/SMS.Konov.e
Antiy-AVL 2.0.3.1 2009.04.14 Trojan/J2ME.Konov
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.13 -
AVG 8.5.0.285 2009.04.14 -
BitDefender 7.2 2009.04.14 -
CAT-QuickHeal 10.00 2009.04.14 -
ClamAV 0.94.1 2009.04.14 -
Comodo 1113 2009.04.14 -
DrWeb 4.44.0.09170 2009.04.14 Java.SMSSend.18
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.14 Trojan-SMS.J2ME.Konov.e
Fortinet 3.117.0.0 2009.04.14 -
GData 19 2009.04.14 -
Ikarus T3.1.1.49.0 2009.04.14 Trojan-SMS
K7AntiVirus 7.10.700 2009.04.11 -
Kaspersky 7.0.0.125 2009.04.14 Trojan-SMS.J2ME.Konov.e
McAfee 5583 2009.04.13 -
McAfee+Artemis 5583 2009.04.13 -
McAfee-GW-Edition 6.7.6 2009.04.14 Java.SMS.Konov.e
Microsoft 1.4502 2009.04.14 -
NOD32 4006 2009.04.14 -
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.13 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.14 -
Rising 21.25.12.00 2009.04.14 -
Sophos 4.40.0 2009.04.14 -
Sunbelt 3.2.1858.2 2009.04.13 -
Symantec 1.4.4.12 2009.04.14 Trojan Horse
TheHacker 6.3.4.0.306 2009.04.12 -
TrendMicro 8.700.0.1004 2009.04.14 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.14.1692 2009.04.14 -
VirusBuster 4.6.5.0 2009.04.13 -

Дополнительная информация
File size: 122288 bytes
MD5...: 85ad202dc5f11d4112fbb8a3b7e2d41a
SHA1..: 63973875559fa56608c33cb076931b0191c2f803
SHA256: cb3e4f6b10b6a6a0cc24ac7a2c8d85049a17b2921c2c41095c fd77b8931742dc
SHA512: 54eb4f94831464c7094ff814025e55e26ecf41ff9c4754216e 54469c3979cab1
bf59204688a0ad571edde3574715cf39d7b9f6618cf6454565 9561faecf0cd30
ssdeep: 3072:WXb2OSN/AAdIHggYmoahfEY8EwO9CDVJeDLHSOQ4u31lifHZ:Wr2NN/VIAr
xUFZcJUL3Glih
PEiD..: -
TrID..: File type identification
Java Archive (78.2%)
ZIP compressed archive (21.5%)
Sybase iAnywhere database files (0.1%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -
RDS...: NSRL Reference Data Set

Добавлено через 1 час 11 минут

Файл servises.exe получен 2009.04.14 15:03:46 (CET)
Текущий статус: закончено
Результат: 6/40 (15%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.14 -
AhnLab-V3 5.0.0.2 2009.04.14 -
AntiVir 7.9.0.138 2009.04.14 -
Antiy-AVL 2.0.3.1 2009.04.14 -
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.14 -
AVG 8.5.0.285 2009.04.14 -
BitDefender 7.2 2009.04.14 -
CAT-QuickHeal 10.00 2009.04.14 -
ClamAV 0.94.1 2009.04.14 -
Comodo 1113 2009.04.14 -
DrWeb 4.44.0.09170 2009.04.14 -
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.14 -
Fortinet 3.117.0.0 2009.04.14 -
GData 19 2009.04.14 -
Ikarus T3.1.1.49.0 2009.04.14 -
K7AntiVirus 7.10.700 2009.04.11 -
Kaspersky 7.0.0.125 2009.04.14 -
McAfee 5583 2009.04.13 Spam-Mailbot.h.gen.a
McAfee+Artemis 5583 2009.04.13 Spam-Mailbot.h.gen.a
McAfee-GW-Edition 6.7.6 2009.04.14 -
Microsoft 1.4502 2009.04.14 Spammer:Win32/Tedroo.I
NOD32 4006 2009.04.14 a variant of Win32/Kryptik.MS
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.14 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.14 Medium Risk Malware
Rising 21.25.14.00 2009.04.14 -
Sophos 4.40.0 2009.04.14 Mal/WaledPak-D
Sunbelt 3.2.1858.2 2009.04.13 -
Symantec 1.4.4.12 2009.04.14 -
TheHacker 6.3.4.0.306 2009.04.12 -
TrendMicro 8.700.0.1004 2009.04.14 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.14.1692 2009.04.14 -
VirusBuster 4.6.5.0 2009.04.13 -

Дополнительная информация
File size: 46080 bytes
MD5...: e672ffffe0affb7d6f04669dde24f606
SHA1..: e78332688cfa8a62ec9811eaef67f995ad0b1410
SHA256: 855c5b31d7461dd6aad9bd5cd8b6d7d589f524a76daba96794 75aaa7a498d00d
SHA512: cbbdf166091a4a71c4585a52eaa9322c209103e95ada66ccf0 e71eefd95c0a54
9106dcfa78f83de1bf5f754cd11dfeff0a7b68ee838b15c961 745ea903ea7bae
ssdeep: 768:biaOvljgyncACeMCqwbcTXEOIrxHvz6n53sYdHYIIFbkrU rZih6dT:9Oviyn
cAzLcXEOk6nZ/HYnlkiNZ
PEiD..: -
TrID..: File type identification
Windows Screen Saver (37.1%)
Win32 Executable Generic (24.1%)
Win32 Dynamic Link Library (generic) (21.4%)
Clipper DOS Executable (5.7%)
Generic Win/DOS Executable (5.6%)
PEInfo: PE Structure information

[VirCode]

пинчеподобная малварь

File ghost.exe received on 04.14.2009 17:25:45 (CET)
Current status: finished
Result: 6/40 (15%)

Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.04.14 Riskware.Win32.VBInject!IK
AhnLab-V3 5.0.0.2 2009.04.14 -
AntiVir 7.9.0.138 2009.04.14 -
Antiy-AVL 2.0.3.1 2009.04.14 -
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.14 -
AVG 8.5.0.285 2009.04.14 -
BitDefender 7.2 2009.04.14 -
CAT-QuickHeal 10.00 2009.04.14 Win32.Trojan.Agent.895988a9
ClamAV 0.94.1 2009.04.14 -
Comodo 1113 2009.04.14 -
DrWeb 4.44.0.09170 2009.04.14 -
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.14 -
Fortinet 3.117.0.0 2009.04.14 -
GData 19 2009.04.14 -
Ikarus T3.1.1.49.0 2009.04.14 VirTool.Win32.VBInject
K7AntiVirus 7.10.700 2009.04.11 -
Kaspersky 7.0.0.125 2009.04.14 -
McAfee 5584 2009.04.14 -
McAfee+Artemis 5583 2009.04.13 -
McAfee-GW-Edition 6.7.6 2009.04.14 -
Microsoft 1.4502 2009.04.14 VirTool:Win32/VBInject.AE
NOD32 4006 2009.04.14 a variant of Win32/Injector.MT
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.14 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.14 Medium Risk Malware
Rising 21.25.14.00 2009.04.14 -
Sophos 4.40.0 2009.04.14 -
Sunbelt 3.2.1858.2 2009.04.13 -
Symantec 1.4.4.12 2009.04.14 -
TheHacker 6.3.4.0.306 2009.04.12 -
TrendMicro 8.700.0.1004 2009.04.14 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.14.1692 2009.04.14 -
VirusBuster 4.6.5.0 2009.04.14 -

Additional information
File size: 230565 bytes
MD5...: 762d7e4a2361107cf0c189c6f672f3cf
SHA1..: 0995f54b4a4a5c2843b020181485e122a23daa9f
SHA256: 8dfa1ee325c77a9cdb88b1a3315c761f030c66988db5ed2cb1 8cbe3b0fc448cb
SHA512: 93067dd4ad8cf1367a281a576c2775fa766b7b373878f741c4 e8200fd0f0ab47
6f541395f605433b4ee7f66235a8f82f164b0f987ba9f54bc3 978bb0da075293

[senyak]

Файл xvidDecoder59.exe получен 2009.04.14 22:39:46 (CET)
Текущий статус: закончено
Результат: 15/40 (37.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.14 Trojan-Dropper.Agent!IK
AhnLab-V3 5.0.0.2 2009.04.14 -
AntiVir 7.9.0.143 2009.04.14 TR/Drop.Agent.amer
Antiy-AVL 2.0.3.1 2009.04.14 -
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.14 Win32:Trojan-gen {Other}
AVG 8.5.0.285 2009.04.14 -
BitDefender 7.2 2009.04.14 -
CAT-QuickHeal 10.00 2009.04.14 TrojanDropper.Agent.amer
ClamAV 0.94.1 2009.04.14 -
Comodo 1113 2009.04.14 -
DrWeb 4.44.0.09170 2009.04.14 Trojan.Winlock.24
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.14 Trojan-Dropper.Win32.Agent.amer
Fortinet 3.117.0.0 2009.04.14 W32/Agent.AMER!tr
GData 19 2009.04.14 Win32:Trojan-gen {Other}
Ikarus T3.1.1.49.0 2009.04.14 Trojan-Dropper.Agent
K7AntiVirus 7.10.703 2009.04.14 Trojan-Dropper.Win32.Agent.amer
Kaspersky 7.0.0.125 2009.04.14 Trojan-Dropper.Win32.Agent.amer
McAfee 5584 2009.04.14 -
McAfee+Artemis 5584 2009.04.14 -
McAfee-GW-Edition 6.7.6 2009.04.14 Trojan.Drop.Agent.amer
Microsoft 1.4502 2009.04.14 -
NOD32 4007 2009.04.14 -
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.14 -
Panda 10.0.0.14 2009.04.14 Trj/CI.A
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.14 -
Rising 21.25.14.00 2009.04.14 -
Sophos 4.40.0 2009.04.14 -
Sunbelt 3.2.1858.2 2009.04.14 -
Symantec 1.4.4.12 2009.04.14 Trojan Horse
TheHacker 6.3.4.0.306 2009.04.12 Trojan/Dropper.Agent.amer
TrendMicro 8.700.0.1004 2009.04.14 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.14.1692 2009.04.14 -
VirusBuster 4.6.5.0 2009.04.14 -

Дополнительная информация
File size: 74752 bytes
MD5...: 272e019cfb9bc49fe2187943e53a0c61
SHA1..: bdba188df500921fa9f91b044ac92830564052eb
SHA256: a629deefac8e0ab884da43e231950ac9f19df5961766729477 103e03e93ac51d
SHA512: 1959909f8ea3af74d818fc734f8f5edc239cd86c2bcb61728b 94c38ceb6173e5
30243ff328f82963ccfd1d57589f11b76699102f2e8370a51f de8e90d789707f
ssdeep: 1536:W7XDQ6Ch22bqaKNOlzX7g9PUOUukwZ7gU47S0o/S0:W7XDC222XNOlX7WUG
eUSm/
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

[senyak]

Файл setup.exe получен 2009.04.15 14:24:56 (CET)
Текущий статус: закончено
Результат: 13/39 (33.34%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.15 Trojan.Win32.Vaklik!IK
AhnLab-V3 5.0.0.2 2009.04.15 -
AntiVir 7.9.0.143 2009.04.15 ADSPY/AdSpy.Gen
Antiy-AVL 2.0.3.1 2009.04.15 -
Authentium 5.1.2.4 2009.04.14 W32/FakeAlert.4!Generic
Avast 4.8.1335.0 2009.04.15 -
AVG 8.5.0.287 2009.04.15 -
BitDefender 7.2 2009.04.15 -
CAT-QuickHeal 10.00 2009.04.15 -
ClamAV 0.94.1 2009.04.15 -
Comodo 1115 2009.04.15 -
DrWeb 4.44.0.09170 2009.04.15 -
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 W32/FakeAlert.4!Generic
F-Secure 8.0.14470.0 2009.04.15 -
Fortinet 3.117.0.0 2009.04.15 -
GData 19 2009.04.15 -
Ikarus T3.1.1.49.0 2009.04.15 Trojan.Win32.Vaklik
K7AntiVirus 7.10.704 2009.04.15 -
Kaspersky 7.0.0.125 2009.04.15 -
McAfee 5584 2009.04.14 FakeAlert-BY
McAfee+Artemis 5584 2009.04.14 FakeAlert-BY
McAfee-GW-Edition 6.7.6 2009.04.15 Ad-Spyware.AdSpy.Gen
Microsoft 1.4502 2009.04.15 TrojanDownloader:Win32/Renos.HL
NOD32 4010 2009.04.15 Win32/Adware.MSAntispyware2009
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.15 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.15 -
Rising 21.25.23.00 2009.04.15 Packer.Win32.UnkPacker.a
Sophos 4.40.0 2009.04.15 Mal/FakeAV-AH
Sunbelt 3.2.1858.2 2009.04.15 MSAntispyware 2009 (v)
Symantec 1.4.4.12 2009.04.15 -
TheHacker 6.3.4.0.309 2009.04.15 -
TrendMicro 8.700.0.1004 2009.04.15 -
ViRobot 2009.4.15.1694 2009.04.15 -
VirusBuster 4.6.5.0 2009.04.15 -

Дополнительная информация
File size: 87563 bytes
MD5...: 57d1a8388bcba89b1a7a4a030cd6b679
SHA1..: a25489f4a740a0f3b6e02108d4dc616fa62a4047
SHA256: 2f4f31670dbc10adb9ed615186a7820eca63a7d07d7950e104 be2e4e9d3a2060
SHA512: f52e9c1f7fcb6f3415b60610fc172c9a3285b797740a41fa69 e3fb2493212e1d
919b39f0d30bde57c4ac5b18591825e2b87b4141607b2b0563 3ddfc7cefa00e6
ssdeep: 1536:Bm7ZLr4Nf5vi68DCf87v9CS/Pl4+5I9/EPm:6ZLUfgeExt+b9n
PEiD..: -
TrID..: File type identification
Win16/32 Executable Delphi generic (25.1%)
Clipper DOS Executable (24.5%)
Generic Win/DOS Executable (24.3%)
DOS Executable Generic (24.2%)
Lumena CEL bitmap (0.7%)
PEInfo: PE Structure information

Добавлено через 1 час 59 минут

Файл video_codec.exe получен 2009.04.15 16:25:01 (CET)
Текущий статус: закончено
Результат: 12/40 (30%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.15 Trojan-Downloader.Win32.FakeRean!IK
AhnLab-V3 5.0.0.2 2009.04.15 Win-Trojan/FakeRean.107523
AntiVir 7.9.0.143 2009.04.15 TR/Dldr.FakeRean
Antiy-AVL 2.0.3.1 2009.04.15 -
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.15 -
AVG 8.5.0.287 2009.04.15 Win32/Heur
BitDefender 7.2 2009.04.15 -
CAT-QuickHeal 10.00 2009.04.15 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.04.15 -
Comodo 1115 2009.04.15 -
DrWeb 4.44.0.09170 2009.04.15 -
eSafe 7.0.17.0 2009.04.13 Suspicious File
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.15 Trojan-Downloader:W32/FakeAlert.ET
Fortinet 3.117.0.0 2009.04.15 -
GData 19 2009.04.15 -
Ikarus T3.1.1.49.0 2009.04.15 Trojan-Downloader.Win32.FakeRean
K7AntiVirus 7.10.704 2009.04.15 -
Kaspersky 7.0.0.125 2009.04.15 Trojan.Win32.Agent.cbiw
McAfee 5584 2009.04.14 -
McAfee+Artemis 5584 2009.04.14 Generic!Artemis
McAfee-GW-Edition 6.7.6 2009.04.15 Trojan.Dldr.FakeRean
Microsoft 1.4502 2009.04.15 TrojanDownloader:Win32/FakeRean
NOD32 4010 2009.04.15 -
Norman 6.00.06 2009.04.15 -
nProtect 2009.1.8.0 2009.04.15 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.15 -
Prevx1 V2 2009.04.15 -
Rising 21.25.24.00 2009.04.15 -
Sophos 4.40.0 2009.04.15 -
Sunbelt 3.2.1858.2 2009.04.15 -
Symantec 1.4.4.12 2009.04.15 -
TheHacker 6.3.4.0.309 2009.04.15 -
TrendMicro 8.700.0.1004 2009.04.15 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.15.1694 2009.04.15 -
VirusBuster 4.6.5.0 2009.04.15 -

Дополнительная информация
File size: 107523 bytes
MD5...: e8a4b719b606ddc9623cd1415a33625d
SHA1..: 2370e692013ec4765c2a32680f97e7b3c9d0b7d9
SHA256: 717703c1811e29a4b8770eae8508fab16ce0a179ab061292d6 cff803a2921f50
SHA512: 89376c98177b063990f4e13131236fcc494a72c722a70719f7 09d1abfe9a4dc6
9346253293397c5c06a4f9c10826e8ca18e67d82f850bc04dd f112b0e7d9f176
ssdeep: 3072:lGU3tTPLNNit6nTrkWwSXosoFOjSjdH6SibHyi9X3kua: NVLDiSPkSXossl
6Sirp8
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

[ISO]

File Wprotected.exe received on 04.16.2009 04:37:31 (CET)

Код:

Antivirus 	Version 	Last Update 	Result
a-squared	4.0.0.101	2009.04.16	-
AhnLab-V3	5.0.0.2	2009.04.15	-
AntiVir	7.9.0.143	2009.04.15	TR/ATRAPS.Gen
Antiy-AVL	2.0.3.1	2009.04.16	-
Authentium	5.1.2.4	2009.04.16	-
Avast	4.8.1335.0	2009.04.15	-
AVG	8.5.0.287	2009.04.16	Generic3.RFF
CAT-QuickHeal	10.00	2009.04.15	-
ClamAV	0.94.1	2009.04.16	-
Comodo	1115	2009.04.15	-
DrWeb	4.44.0.09170	2009.04.16	-
eSafe	7.0.17.0	2009.04.13	Suspicious File
eTrust-Vet	31.6.6455	2009.04.14	-
F-Prot	4.4.4.56	2009.04.15	-
F-Secure	8.0.14470.0	2009.04.16	-
Fortinet	3.117.0.0	2009.04.15	-
GData	19	2009.04.16	-
Ikarus	T3.1.1.49.0	2009.04.16	-
K7AntiVirus	7.10.704	2009.04.15	-
Kaspersky	7.0.0.125	2009.04.16	Heur.Trojan.Generic
McAfee	5585	2009.04.15	-
McAfee+Artemis	5585	2009.04.15	-
McAfee-GW-Edition	6.7.6	2009.04.15	Trojan.ATRAPS.Gen
Microsoft	1.4502	2009.04.15	Trojan:Win32/SystemHijack.gen
NOD32	4012	2009.04.16	probably unknown NewHeur_PE
Norman	6.00.06	2009.04.15	-
nProtect	2009.1.8.0	2009.04.15	-
Panda	10.0.0.14	2009.04.15	Suspicious file
PCTools	4.4.2.0	2009.04.15	-
Prevx1	V2	2009.04.16	-
Rising	21.25.24.00	2009.04.15	-
Sophos	4.40.0	2009.04.16	Sus/Behav-1014
Sunbelt	3.2.1858.2	2009.04.15	BehavesLike.Win32.Malware (v)
Symantec	1.4.4.12	2009.04.16	-
TheHacker	6.3.4.0.309	2009.04.16	-
TrendMicro	8.700.0.1004	2009.04.15	PAK_Generic.001
VBA32	3.12.10.2	2009.04.12	suspected of Win32 Shadow AutoStart Install
ViRobot	2009.4.16.1695	2009.04.16	-
VirusBuster	4.6.5.0	2009.04.15	-

Additional information
File size: 64000 bytes
MD5...: 312b8d1bc674ccd1b86bffb7b27e3771
SHA1..: 0b06ea20887624f1cc49c35dbd7ab68452d6df7e
SHA256: 5d6cda2a61c0038063f2b2277cae80586548f9b615c40f2354 0b3d158b088f4f
SHA512: 05ebca1faa22354de5b8c3a78ce05fb0d97eae325cbe461197 2c622a3ca98109
fcc878a650ad51caa3233056f3d52e2d17f6d8c1b8cda1f8e8 28239287fb0374
ssdeep: 1536:AfxgkH+AuBTEBostwhrxV/wz4DcINWRc1Lu3BV/oKirx7SfuaF:AfVH+A2E
BvmoycIMc1L8V/oZx7Yl
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information

[Kuzz]

Файл avz00006.dta (STTRUTNL.sys) получен 2009.04.16 15:37:18 (CET)

Код:

Антивирус	Версия	Обновление	Результат
a-squared	4.0.0.101	2009.04.16	Trojan.Generic!IK
AhnLab-V3	5.0.0.2	2009.04.16	-
AntiVir	7.9.0.143	2009.04.16	TR/Rootkit.Gen
Antiy-AVL	2.0.3.1	2009.04.16	-
Authentium	5.1.2.4	2009.04.16	-
Avast	4.8.1335.0	2009.04.16	Win32:TrPack
AVG	8.5.0.287	2009.04.16	-
BitDefender	7.2	2009.04.16	Trojan.Generic.1222859
CAT-QuickHeal	10.00	2009.04.16	-
ClamAV	0.94.1	2009.04.16	-
Comodo	1116	2009.04.16	-
DrWeb	4.44.0.09170	2009.04.16	Trojan.Sentinel.based
eSafe	7.0.17.0	2009.04.13	-
eTrust-Vet	31.6.6455	2009.04.14	-
F-Prot	4.4.4.56	2009.04.15	-
F-Secure	8.0.14470.0	2009.04.16	-
Fortinet	3.117.0.0	2009.04.16	-
GData	19	2009.04.16	Trojan.Generic.1222859
Ikarus	T3.1.1.49.0	2009.04.16	Trojan.Generic
K7AntiVirus	7.10.704	2009.04.15	Trojan.Win32.Malware
Kaspersky	7.0.0.125	2009.04.16	-
McAfee	5585	2009.04.15	Generic.dx
McAfee+Artemis	5585	2009.04.15	Generic.dx
McAfee-GW-Edition	6.7.6	2009.04.16	Trojan.Rootkit.Gen
Microsoft	1.4502	2009.04.16	Spammer:WinNT/Srizbi.A
NOD32	4013	2009.04.16	probably a variant of Win32/Agent
Norman	6.00.06	2009.04.15	-
nProtect	2009.1.8.0	2009.04.16	-
Panda	10.0.0.14	2009.04.15	-
PCTools	4.4.2.0	2009.04.15	-
Prevx1	V2	2009.04.16	High Risk Worm
Rising	21.25.34.00	2009.04.16	-
Sophos	4.40.0	2009.04.16	-
Sunbelt	3.2.1858.2	2009.04.15	Trojan.1
Symantec	1.4.4.12	2009.04.16	Trojan Horse
TheHacker	6.3.4.0.309	2009.04.16	-
TrendMicro	8.700.0.1004	2009.04.16	Cryp_Xed-3
VBA32	3.12.10.2	2009.04.12	-
ViRobot	2009.4.16.1696	2009.04.16	-
VirusBuster	4.6.5.0	2009.04.15	-

Дополнительная информация
File size: 178176 bytes
MD5...: e065942dc96c43974d0fd186ee394547
SHA1..: c174be06ef497d2ac4b825f2cd4bed2ee87c867d
SHA256: 89b7d26e004e4f1636e1c782e335782127563edc4953a2d38b 436541c76abea1
SHA512: 9f9fc92b4ff91f01489883ac51540ee80bdb8bec3a5d01af07 639f9626a46644<br>c59bf3aa21d7853a527fb244a18a3894 c39e4cdb584de9fe9f438a041724b2c1
ssdeep: 3072:13tjwmwSwqwh37+Es01KirzMVZYIsRmd8saVWKgRiR8QM hsti4k0bp:ttjw<br>mwSwqwx7qziruZERmdjakhRia2is<br>
PEiD..: -
TrID..: File type identification<br>Generic Win/DOS Executable (49.5%)

[senyak]

Файл video_codec.exe получен 2009.04.18 11:24:10 (CET)
Текущий статус: закончено
Результат: 8/40 (20%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.18 -
AhnLab-V3 5.0.0.2 2009.04.17 -
AntiVir 7.9.0.143 2009.04.17 -
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.18 -
Avast 4.8.1335.0 2009.04.17 -
AVG 8.5.0.287 2009.04.17 Win32/Heur
BitDefender 7.2 2009.04.18 -
CAT-QuickHeal 10.00 2009.04.18 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.04.18 -
Comodo 1117 2009.04.17 -
DrWeb 4.44.0.09170 2009.04.18 Trojan.Fakealert.4216
eSafe 7.0.17.0 2009.04.13 Suspicious File
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.17 -
F-Secure 8.0.14470.0 2009.04.18 -
Fortinet 3.117.0.0 2009.04.18 -
GData 19 2009.04.18 -
Ikarus T3.1.1.49.0 2009.04.18 -
K7AntiVirus 7.10.707 2009.04.17 -
Kaspersky 7.0.0.125 2009.04.18 Trojan-Downloader.Win32.Agent.broo
McAfee 5587 2009.04.17 Downloader-BOI
McAfee+Artemis 5587 2009.04.17 Downloader-BOI
McAfee-GW-Edition 6.7.6 2009.04.18 -
Microsoft 1.4502 2009.04.18 TrojanDownloader:Win32/FakeRean
NOD32 4018 2009.04.18 -
Norman 6.00.06 2009.04.17 -
nProtect 2009.1.8.0 2009.04.18 -
Panda 10.0.0.14 2009.04.17 -
PCTools 4.4.2.0 2009.04.17 -
Prevx1 V2 2009.04.18 -
Rising 21.25.52.00 2009.04.18 -
Sophos 4.40.0 2009.04.18 -
Sunbelt 3.2.1858.2 2009.04.18 -
Symantec 1.4.4.12 2009.04.18 -
TheHacker 6.3.4.0.309 2009.04.16 -
TrendMicro 8.700.0.1004 2009.04.17 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.18.1685 2009.04.18 -
VirusBuster 4.6.5.0 2009.04.17 -

Дополнительная информация
File size: 107011 bytes
MD5...: ae9a600288c2e2dafb6ec141474848fd
SHA1..: 9a462156de7de53dcc29aac7dcba5a6a72ed0e3f
SHA256: b0245819ae02d0bc6e18cdff07f566a3d84e3f6fa8d7c9639d fd332f2d7d60b1
SHA512: 53fb5b3086b1334df157f97b9301af2347c6d578d6e6550d3b 4db70fc85b152b
dc7a96a1fad285fe76b535fb2efd06777cbede5a7ed9e460f7 425d38040abbed
ssdeep: 1536mPkZ+A1yrdEN2uTJQP/F0TfkUDR0GZFalMS0vSVzTotKgrKCVcdTX3kua:
O8yrDuTD5DikFxvSVzUtkCi9X3kua
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

[senyak]

Файл setup.exe получен 2009.04.19 10:44:11 (CET)
Текущий статус: закончено
Результат: 14/40 (35%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.19 -
AhnLab-V3 5.0.0.2 2009.04.18 -
AntiVir 7.9.0.148 2009.04.18 ADSPY/AdSpy.Gen
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.19 W32/FakeAlert.4!Generic
Avast 4.8.1335.0 2009.04.18 -
AVG 8.5.0.287 2009.04.18 Generic13.ZPK
BitDefender 7.2 2009.04.19 -
CAT-QuickHeal 10.00 2009.04.18 -
ClamAV 0.94.1 2009.04.19 -
Comodo 1120 2009.04.18 -
DrWeb 4.44.0.09170 2009.04.19 Trojan.DownLoad.31851
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.19 W32/FakeAlert.4!Generic
F-Secure 8.0.14470.0 2009.04.19 Trojan-Downloader.Win32.FraudLoad.eep
Fortinet 3.117.0.0 2009.04.19 -
GData 19 2009.04.19 -
Ikarus T3.1.1.49.0 2009.04.19 -
K7AntiVirus 7.10.707 2009.04.17 -
Kaspersky 7.0.0.125 2009.04.19 Trojan-Downloader.Win32.FraudLoad.eep
McAfee 5588 2009.04.18 FakeAlert-BY
McAfee+Artemis 5588 2009.04.18 FakeAlert-BY
McAfee-GW-Edition 6.7.6 2009.04.19 Ad-Spyware.AdSpy.Gen
Microsoft 1.4502 2009.04.19 -
NOD32 4019 2009.04.18 -
Norman 6.00.06 2009.04.17 -
nProtect 2009.1.8.0 2009.04.19 -
Panda 10.0.0.14 2009.04.18 -
PCTools 4.4.2.0 2009.04.17 -
Prevx1 V2 2009.04.19 -
Rising 21.25.61.00 2009.04.19 Packer.Win32.UnkPacker.a
Sophos 4.40.0 2009.04.19 Mal/FakeAV-AH
Sunbelt 3.2.1858.2 2009.04.18 MSAntispyware 2009 (v)
Symantec 1.4.4.12 2009.04.19 -
TheHacker 6.3.4.0.309 2009.04.16 -
TrendMicro 8.700.0.1004 2009.04.17 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.18.1685 2009.04.18 -
VirusBuster 4.6.5.0 2009.04.18 Trojan.DL.FraudLoad.EKE

Дополнительная информация
File size: 87563 bytes
MD5...: 68276c5eb83d83ff0ca43f15c42169b9
SHA1..: 7f72ecb858db67d9732e0575f9bb9eb1f4763587
SHA256: 5756f736a6dce21554a7e982d5082ea1e8a842b6d24f6a97a0 824774926b8947
SHA512: a141f92b6e948486aa1fe69d2941a777b5c77741e29e4dc069 b79be01208aac6
c89f52bd139adb3af7f9e57b6c694777412ae163b82242860e ac01a3d5c5dc1a
ssdeep: 768:KstIpKba9LXoY2IehhyNHYEk7NuP6XscqyFaqDldNQUWmy/EPAIgUXpeOH
lgS6XFXFVQUxy/EPA
PEiD..: -
TrID..: File type identification
Win16/32 Executable Delphi generic (25.1%)
Clipper DOS Executable (24.5%)
Generic Win/DOS Executable (24.3%)
DOS Executable Generic (24.2%)
Lumena CEL bitmap (0.7%)
PEInfo: PE Structure information

Добавлено через 50 минут

Файл setup___.exe получен 2009.04.19 11:13:51 (CET)
Текущий статус: закончено
Результат: 8/40 (20%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.19 -
AhnLab-V3 5.0.0.2 2009.04.18 -
AntiVir 7.9.0.148 2009.04.18 ADSPY/AdSpy.Gen
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.19 W32/FakeAlert.4!Generic
Avast 4.8.1335.0 2009.04.18 -
AVG 8.5.0.287 2009.04.18 -
BitDefender 7.2 2009.04.19 -
CAT-QuickHeal 10.00 2009.04.18 -
ClamAV 0.94.1 2009.04.19 -
Comodo 1120 2009.04.18 -
DrWeb 4.44.0.09170 2009.04.19 -
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.19 W32/FakeAlert.4!Generic
F-Secure 8.0.14470.0 2009.04.19 -
Fortinet 3.117.0.0 2009.04.19 -
GData 19 2009.04.19 -
Ikarus T3.1.1.49.0 2009.04.19 -
K7AntiVirus 7.10.707 2009.04.17 -
Kaspersky 7.0.0.125 2009.04.19 -
McAfee 5588 2009.04.18 -
McAfee+Artemis 5588 2009.04.18 -
McAfee-GW-Edition 6.7.6 2009.04.19 Ad-Spyware.AdSpy.Gen
Microsoft 1.4502 2009.04.19 Trojan:Win32/WinSpywareProtect
NOD32 4019 2009.04.18 -
Norman 6.00.06 2009.04.17 -
nProtect 2009.1.8.0 2009.04.19 -
Panda 10.0.0.14 2009.04.18 -
PCTools 4.4.2.0 2009.04.17 -
Prevx1 V2 2009.04.19 -
Rising 21.25.62.00 2009.04.19 Packer.Win32.UnkPacker.a
Sophos 4.40.0 2009.04.19 Mal/FakeAV-AH
Sunbelt 3.2.1858.2 2009.04.18 MSAntispyware 2009 (v)
Symantec 1.4.4.12 2009.04.19 -
TheHacker 6.3.4.0.309 2009.04.16 -
TrendMicro 8.700.0.1004 2009.04.17 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.18.1685 2009.04.18 -
VirusBuster 4.6.5.0 2009.04.18 -

Дополнительная информация
File size: 115712 bytes
MD5...: 93d5add0142d172e41ccfc80b61a0300
SHA1..: 9bfae9fa2341a2b3a0839741516eafc07a6fd879
SHA256: 7f3dfd6a37518543a8a3617df529cd83cf75e3b78e32d68792 71465b3f2f1d94
SHA512: c857f552d045051119ff94c196d52d74281d32c0244a7388e7 9e50c6d7fbdb56
fe74e2321af4dffd87d6c8f5562d3a48ae02db1792fac3095e cd627b7f15dc28
ssdeep: 1536:CMWhZNa/O9OAKc72dwVfvOebxfWV+FHbQA+ym/EPd:NWhZs/GOLWYAOeb0V
cQ9
PEiD..: -
TrID..: File type identification
Win16/32 Executable Delphi generic (25.1%)
Clipper DOS Executable (24.5%)
Generic Win/DOS Executable (24.3%)
DOS Executable Generic (24.2%)
Lumena CEL bitmap (0.7%)
PEInfo: PE Structure information

Добавлено через 2 часа 10 минут

Файл video_codec.exe получен 2009.04.19 13:44:34 (CET)
Текущий статус: закончено
Результат: 15/40 (37.5%)

Антивирус Версия Обновление Результат
a-squared 4.0.0.101 2009.04.19 Trojan-Dropper.Agent!IK
AhnLab-V3 5.0.0.2 2009.04.18 -
AntiVir 7.9.0.148 2009.04.18 TR/Dldr.Agent.broo
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.19 -
Avast 4.8.1335.0 2009.04.18 -
AVG 8.5.0.287 2009.04.18 Win32/Heur
BitDefender 7.2 2009.04.19 -
CAT-QuickHeal 10.00 2009.04.18 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.04.19 -
Comodo 1121 2009.04.19 -
DrWeb 4.44.0.09170 2009.04.19 Trojan.Fakealert.4216
eSafe 7.0.17.0 2009.04.13 Suspicious File
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.19 -
F-Secure 8.0.14470.0 2009.04.19 Trojan-Downloader.Win32.Agent.broo
Fortinet 3.117.0.0 2009.04.19 W32/Agent.BROO!tr.dldr
GData 19 2009.04.19 -
Ikarus T3.1.1.49.0 2009.04.19 Trojan-Dropper.Agent
K7AntiVirus 7.10.707 2009.04.17 -
Kaspersky 7.0.0.125 2009.04.19 Trojan-Downloader.Win32.Agent.broo
McAfee 5588 2009.04.18 Downloader-BOI
McAfee+Artemis 5588 2009.04.18 Downloader-BOI
McAfee-GW-Edition 6.7.6 2009.04.19 Trojan.Dldr.Agent.broo
Microsoft 1.4502 2009.04.19 TrojanDownloader:Win32/FakeRean
NOD32 4019 2009.04.18 -
Norman 6.00.06 2009.04.17 -
nProtect 2009.1.8.0 2009.04.19 -
Panda 10.0.0.14 2009.04.19 -
PCTools 4.4.2.0 2009.04.17 -
Prevx1 V2 2009.04.19 -
Rising 21.25.62.00 2009.04.19 -
Sophos 4.40.0 2009.04.19 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.04.18 -
Symantec 1.4.4.12 2009.04.19 -
TheHacker 6.3.4.0.309 2009.04.16 -
TrendMicro 8.700.0.1004 2009.04.17 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.18.1685 2009.04.18 -
VirusBuster 4.6.5.0 2009.04.18 -

Дополнительная информация
File size: 107011 bytes
MD5...: ae9a600288c2e2dafb6ec141474848fd
SHA1..: 9a462156de7de53dcc29aac7dcba5a6a72ed0e3f
SHA256: b0245819ae02d0bc6e18cdff07f566a3d84e3f6fa8d7c9639d fd332f2d7d60b1
SHA512: 53fb5b3086b1334df157f97b9301af2347c6d578d6e6550d3b 4db70fc85b152b
dc7a96a1fad285fe76b535fb2efd06777cbede5a7ed9e460f7 425d38040abbed
ssdeep: 1536mPkZ+A1yrdEN2uTJQP/F0TfkUDR0GZFalMS0vSVzTotKgrKCVcdTX3kua:
O8yrDuTD5DikFxvSVzUtkCi9X3kua
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

[Winsent]

Файл index.htm получен 2009.04.19 18:50:42 (CET)
Антивирус Версия Обновление Результат

Код:

a-squared 4.0.0.101 2009.04.19 Exploit.JS.Agent!IK
AhnLab-V3 5.0.0.2 2009.04.19 -
AntiVir 7.9.0.148 2009.04.19 -
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.19 -
Avast 4.8.1335.0 2009.04.19 -
AVG 8.5.0.287 2009.04.18 JS/Obfuscated
BitDefender 7.2 2009.04.19 -
CAT-QuickHeal 10.00 2009.04.18 -
ClamAV 0.94.1 2009.04.19 -
Comodo 1121 2009.04.19 -
DrWeb 4.44.0.09170 2009.04.19 Trojan.DownLoad.35036
eSafe 7.0.17.0 2009.04.19 -
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.19 -
F-Secure 8.0.14470.0 2009.04.19 Exploit.JS.Agent.agc
Fortinet 3.117.0.0 2009.04.19 -
GData 19 2009.04.19 -
Ikarus T3.1.1.49.0 2009.04.19 Exploit.JS.Agent
K7AntiVirus 7.10.707 2009.04.17 -
Kaspersky 7.0.0.125 2009.04.19 Exploit.JS.Agent.agc
McAfee 5589 2009.04.19 -
McAfee+Artemis 5589 2009.04.19 -
McAfee-GW-Edition 6.7.6 2009.04.19 -
Microsoft 1.4502 2009.04.19 -
NOD32 4019 2009.04.18 -
Norman 6.00.06 2009.04.17 -
nProtect 2009.1.8.0 2009.04.19 -
Panda 10.0.0.14 2009.04.19 -
PCTools 4.4.2.0 2009.04.17 -
Prevx1 V2 2009.04.19 -
Rising 21.25.62.00 2009.04.19 -
Sophos 4.40.0 2009.04.19 -
Sunbelt 3.2.1858.2 2009.04.18 -
Symantec 1.4.4.12 2009.04.19 -
TheHacker 6.3.4.0.309 2009.04.16 -
TrendMicro 8.700.0.1004 2009.04.17 -
VBA32 3.12.10.2 2009.04.12 -
ViRobot 2009.4.18.1685 2009.04.18 -
VirusBuster 4.6.5.0 2009.04.19 -

Дополнительная информация
File size: 2206 bytes
MD5...: 3ec737affc1e52191c39a2d9dbfc5f34
SHA1..: 1fc64055c758b32a5f06f5e709f2bac1e188f186
SHA256: c13cf6ff8dd7130098be76874d2438fce13c921161a054b1e1 ea73fbc4e0b95f
SHA512: fa7f4e5378020a8c34bb334bc11ffdf440a31617dac93c1bb3 d4c8033ba0cbe6<BR>e539c49b958479daa8a4552fe016815a 7adcd02ff8ec5d01ace6db5c63d81593
ssdeep: 48:rtERaCpNIU1jVAxlnn09cE4MOd/aIdPKv2dNAiS6f:ryRaHWV456cqOdNdSv+<BR>As<BR>
PEiD..: -
TrID..: File type identification<BR>HyperText Markup Language (100.0%)
PEInfo: -
RDS...: NSRL Reference Data Set<BR>-