
23.04.2007, 14:41
Guys, go here: mail3.q0.ru
Report on the downloader...
Complete scanning result of "1111.exe", received in VirusTotal at 04.23.2007, 12:34:55 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.4.21.0 04.23.2007 no virus found
AntiVir 7.3.1.53 04.23.2007 HEUR/Malware
Authentium 4.93.8 04.20.2007 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.981.0 04.21.2007 no virus found
AVG 7.5.0.464 04.22.2007 no virus found
BitDefender 7.2 04.23.2007 Generic.Malware.dld!!.1F9AA8F5
CAT-QuickHeal 9.00 04.21.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.23.2007 no virus found
DrWeb 4.33 04.23.2007 no virus found
eSafe 7.0.15.0 04.22.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3589 04.23.2007 no virus found
Ewido 4.0 04.23.2007 no virus found
FileAdvisor 1 04.23.2007 no virus found
Fortinet 2.85.0.0 04.23.2007 suspicious
F-Prot 4.3.2.48 04.20.2007 W32/Downloader-Tir-based!Maximus
F-Secure 6.70.13030.0 04.23.2007 W32/Downloader
Ikarus T3.1.1.5 04.23.2007 no virus found
Kaspersky 4.0.2.24 04.23.2007 no virus found
McAfee 5014 04.20.2007 no virus found
Microsoft 1.2405 04.23.2007 no virus found
NOD32v2 2212 04.23.2007 no virus found
Norman 5.80.02 04.21.2007 W32/Downloader
Panda 9.0.0.4 04.23.2007 Suspicious file
Prevx1 V2 04.23.2007 no virus found
Sophos 4.16.0 04.20.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.23.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.4 04.23.2007 suspected of Win32.Trojan.Downloader (http://...)
VirusBuster 4.3.7:9 04.22.2007 Packed/FSG
Webwasher-Gateway 6.0.1 04.23.2007 Heuristic.Malware
Aditional Information
File size: 1577 bytes
MD5: ceea390518e72ecf3692ff4147a21593
SHA1: e607c6c0764eb77486efa7a1f28a5acd112f58e5
packers: FSG
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing Unk3!FSG?.
* File length: 1577 bytes.
[ Changes to filesystem ]
* Creates file C:\WINDOWS\SYSTEM32\scrss.exe.
[ Network services ]
* Opens URL: http://lebed.ucoz.ru/soft/enjoy.exe.
* Connects to "lebed.ucoz.ru" on port 80 (TCP).
* Opens URL: lebed.ucoz.ru/soft/enjoy.exe.
[ Security issues ]
* Starting downloaded file - potential security problem.
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
Last edited by Koller; 23.04.2007 at 15:07.