Anubis:
[#############################################################################]
Analysis Report for 0018627509
MD5: 60a434a8a53fc30664ee326b49afc422
[#############################################################################]
Summary:
- Changes security settings of Internet Explorer:
This system alteration could seriously affect safety surfing the World
Wide Web.
- Performs Registry Activities:
The executable reads and modifies registry values. It also creates and
monitors registry keys.
[=============================================================================]
Table of Contents
[=============================================================================]
- General information
- 0018627509.exe
a) Registry Activities
b) File Activities
[#############################################################################]
1. General Information
[#############################################################################]
[=============================================================================]
Information about Anubis' invocation
[=============================================================================]
Time needed: 242 s
Report created: 10/06/10, 08:12:51 UTC
Termination reason: Timeout
Program version: 1.74.3195
[#############################################################################]
2. 0018627509.exe
[#############################################################################]
[=============================================================================]
General information about this executable
[=============================================================================]
Analysis Reason: Primary Analysis Subject
Filename: 0018627509.exe
MD5: 60a434a8a53fc30664ee326b49afc422
SHA-1: 25d92a9d22a2dffe2ba3a4bfe5b2f026058a6eb8
File Size: 1763595 Bytes
Command Line: "C:\0018627509.exe"
Process-status
at analysis end: alive
Exit Code: 0
[=============================================================================]
Load-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\ntdll.dll ],
Base Address: [0x7C900000 ], Size: [0x000AF000 ]
Module Name: [ C:\WINDOWS\system32\kernel32.dll ],
Base Address: [0x7C800000 ], Size: [0x000F6000 ]
Module Name: [ C:\WINDOWS\system32\user32.dll ],
Base Address: [0x7E410000 ], Size: [0x00091000 ]
Module Name: [ C:\WINDOWS\system32\GDI32.dll ],
Base Address: [0x77F10000 ], Size: [0x00049000 ]
Module Name: [ C:\WINDOWS\system32\advapi32.dll ],
Base Address: [0x77DD0000 ], Size: [0x0009B000 ]
Module Name: [ C:\WINDOWS\system32\RPCRT4.dll ],
Base Address: [0x77E70000 ], Size: [0x00092000 ]
Module Name: [ C:\WINDOWS\system32\Secur32.dll ],
Base Address: [0x77FE0000 ], Size: [0x00011000 ]
Module Name: [ C:\WINDOWS\system32\oleaut32.dll ],
Base Address: [0x77120000 ], Size: [0x0008B000 ]
Module Name: [ C:\WINDOWS\system32\msvcrt.dll ],
Base Address: [0x77C10000 ], Size: [0x00058000 ]
Module Name: [ C:\WINDOWS\system32\ole32.dll ],
Base Address: [0x774E0000 ], Size: [0x0013D000 ]
Module Name: [ C:\WINDOWS\system32\version.dll ],
Base Address: [0x77C00000 ], Size: [0x00008000 ]
Module Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ],
Base Address: [0x773D0000 ], Size: [0x00103000 ]
Module Name: [ C:\WINDOWS\system32\SHLWAPI.dll ],
Base Address: [0x77F60000 ], Size: [0x00076000 ]
Module Name: [ C:\WINDOWS\system32\shell32.dll ],
Base Address: [0x7C9C0000 ], Size: [0x00817000 ]
Module Name: [ C:\WINDOWS\system32\wininet.dll ],
Base Address: [0x771B0000 ], Size: [0x000AA000 ]
Module Name: [ C:\WINDOWS\system32\CRYPT32.dll ],
Base Address: [0x77A80000 ], Size: [0x00095000 ]
Module Name: [ C:\WINDOWS\system32\MSASN1.dll ],
Base Address: [0x77B20000 ], Size: [0x00012000 ]
Module Name: [ C:\WINDOWS\system32\winmm.dll ],
Base Address: [0x76B40000 ], Size: [0x0002D000 ]
[=============================================================================]
Run-time Dlls
[=============================================================================]
Module Name: [ C:\WINDOWS\system32\UxTheme.dll ],
Base Address: [0x5AD70000 ], Size: [0x00038000 ]
Module Name: [ C:\WINDOWS\system32\NETAPI32.dll ],
Base Address: [0x5B860000 ], Size: [0x00055000 ]
Module Name: [ C:\WINDOWS\system32\olepro32.dll ],
Base Address: [0x5EDD0000 ], Size: [0x00017000 ]
Module Name: [ C:\WINDOWS\system32\MSCTF.dll ],
Base Address: [0x74720000 ], Size: [0x0004C000 ]
Module Name: [ C:\WINDOWS\system32\RichEd20.dll ],
Base Address: [0x74E30000 ], Size: [0x0006D000 ]
Module Name: [ C:\WINDOWS\system32\CRYPTUI.dll ],
Base Address: [0x754D0000 ], Size: [0x00080000 ]
Module Name: [ C:\WINDOWS\system32\WINTRUST.dll ],
Base Address: [0x76C30000 ], Size: [0x0002E000 ]
Module Name: [ C:\WINDOWS\system32\IMAGEHLP.dll ],
Base Address: [0x76C90000 ], Size: [0x00028000 ]
Module Name: [ C:\WINDOWS\system32\WLDAP32.dll ],
Base Address: [0x76F60000 ], Size: [0x0002C000 ]
Module Name: [ C:\WINDOWS\system32\CLBCATQ.DLL ],
Base Address: [0x76FD0000 ], Size: [0x0007F000 ]
Module Name: [ C:\WINDOWS\system32\COMRes.dll ],
Base Address: [0x77050000 ], Size: [0x000C5000 ]
Module Name: [ C:\WINDOWS\system32\shdocvw.dll ],
Base Address: [0x7E290000 ], Size: [0x00171000 ]
[=============================================================================]
Ikarus Virus Scanner
[=============================================================================]
Trojan-Dropper.Delf (Sig-Id: 45551430)
[=============================================================================]
2.a) 0018627509.exe - Registry Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Registry Values Modified:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths ],
Value Name: [ Directory ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths ],
Value Name: [ Paths ], New Value: [ 4 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 ],
Value Name: [ CacheLimit ], New Value: [ 40852 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 ],
Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache1 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 ],
Value Name: [ CacheLimit ], New Value: [ 40852 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 ],
Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache2 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 ],
Value Name: [ CacheLimit ], New Value: [ 40852 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 ],
Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache3 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 ],
Value Name: [ CacheLimit ], New Value: [ 40852 ]
Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 ],
Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache4 ]
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ],
Value Name: [ Cache ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files ]
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ],
Value Name: [ Cookies ], New Value: [ C:\Documents and Settings\Administrator\Cookies ]
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ],
Value Name: [ History ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\History ]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Registry Values Read:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\INPROCSERVER32 ],
Value Name: [ ], Value: [ C:\WINDOWS\system32\shdocvw.dll ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\INPROCSERVER32 ],
Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{000214E6-0000-0000-C000-000000000046}\PROXYSTUBCLSID32 ],
Value Name: [ ], Value: [ {bf50b68e-29b8-4386-ae9c-9734d5117cd5} ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{79EAC9C4-BAF9-11CE-8C82-00AA004BA90B}\PROXYSTUBCLSID32 ],
Value Name: [ ], Value: [ {B8DA6310-E19B-11D0-933C-00A0C90DCAA9} ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{93F2F68C-1D1B-11D3-A30E-00C04F79ABD1}\PROXYSTUBCLSID32 ],
Value Name: [ ], Value: [ {bf50b68e-29b8-4386-ae9c-9734d5117cd5} ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{B722BCCB-4E68-101B-A2BC-00AA00404770}\PROXYSTUBCLSID32 ],
Value Name: [ ], Value: [ {B8DA6310-E19B-11D0-933C-00A0C90DCAA9} ], 1 time
Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{EAB22AC1-30C1-11CF-A7EB-0000C05BAE0B}\TYPELIB ],
Value Name: [ ], Value: [ {EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B} ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ],
Value Name: [ CUAS ], Value: [ 0 ], 1 time
Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ],
Value Name: [ UrlEncoding ], Value: [ 0x00000000 ], 2 times
Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ],
Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time
Key: [ HKLM\SYSTEM\Setup ],
Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
Key: [ HKLM\Software\Microsoft\COM3 ],
Value Name: [ Com+Enabled ], Value: [ 1 ], 2 times
Key: [ HKLM\Software\Microsoft\COM3 ],
Value Name: [ REGDBVersion ], Value: [ 0x0700000000000000 ], 2 times
Key: [ HKLM\Software\Microsoft\Internet Explorer ],
Value Name: [ IntegratedBrowser ], Value: [ 1 ], 1 time
Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers ],
Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\Joystick\Winmm ],
Value Name: [ wheel ], Value: [ 1 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ],
Value Name: [ TSUserEnabled ], Value: [ 0 ], 1 time
Key: [ HKLM\System\CurrentControlSet\Services\LDAP ],
Value Name: [ LdapClientIntegrity ], Value: [ 1 ], 1 time
Key: [ HKLM\System\Setup ],
Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Language Hotkey ], Value: [ 1 ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ],
Value Name: [ Layout Hotkey ], Value: [ 2 ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Internet Explorer\Security\P3Global ],
Value Name: [ Enabled ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ],
Value Name: [ EnableHttp1_1 ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ],
Value Name: [ EnableNegotiate ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ],
Value Name: [ MimeExclusionListForCache ], Value: [ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges ], 4 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ],
Value Name: [ WarnOnPost ], Value: [ 0x01000000 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Cache ], Value: [ %USERPROFILE%\Local Settings\Temporary Internet Files ], 3 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ Cookies ], Value: [ %USERPROFILE%\Cookies ], 3 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ],
Value Name: [ History ], Value: [ %USERPROFILE%\Local Settings\History ], 3 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache ],
Value Name: [ Signature ], Value: [ Client UrlCache MMF Ver 5.2 ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ],
Value Name: [ CacheLimit ], Value: [ 163410 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ],
Value Name: [ CachePrefix ], Value: [ ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ],
Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ],
Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ],
Value Name: [ CachePrefix ], Value: [ Cookie: ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ],
Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ],
Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ],
Value Name: [ CachePrefix ], Value: [ Visited: ], 2 times
Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ],
Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Monitored Registry Keys:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Key: [ HKLM\Software\Classes ],
Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 3 times
Key: [ HKLM\Software\Classes\CLSID ],
Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 2 times
Key: [ HKLM\Software\Microsoft\COM3 ],
Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 6 times
Key: [ HKU ],
Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 3 times
[=============================================================================]
2.b) 0018627509.exe - File Activities
[=============================================================================]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Files Read:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ C:\0018627509.exe ]
File Name: [ C:\WINDOWS\Registration\R000000000007.clb ]
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Device Control Communication:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File: [ \Device\KsecDD ], Control Code: [ 0x00390008 ], 8 times
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
Memory Mapped Files:
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]
File Name: [ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ]
File Name: [ C:\WINDOWS\WindowsShell.Manifest ]
File Name: [ C:\WINDOWS\system32\CLBCATQ.DLL ]
File Name: [ C:\WINDOWS\system32\COMRes.dll ]
File Name: [ C:\WINDOWS\system32\MSCTF.dll ]
File Name: [ C:\WINDOWS\system32\RichEd20.dll ]
File Name: [ C:\WINDOWS\system32\UxTheme.dll ]
File Name: [ C:\WINDOWS\system32\imm32.dll ]
File Name: [ C:\WINDOWS\system32\olepro32.dll ]
File Name: [ C:\WINDOWS\system32\rpcss.dll ]
File Name: [ C:\WINDOWS\system32\shdocvw.dll ]
File Name: [ C:\WINDOWS\system32\shell32.dll ]
File Name: [ C:\WINDOWS\system32\wininet.dll ]
File Name: [ C:\WINDOWS\system32\winmm.dll ]
[#############################################################################]
International Secure Systems Lab
http://www.iseclab.org
Vienna University of Technology Eurecom France UC Santa Barbara
http://www.tuwien.ac.at http://www.eurecom.fr http://www.cs.ucsb.edu
Contact: [email protected]
File name: Iniciar Curso.exe
Submission date: 2011-01-11 15:20:05 (UTC)
Current status: finished
Result: 23/43 (53.5%)
Antivirus Version Last Update Result
AhnLab-V3 2011.01.11.00 2011.01.10 Win-Trojan/Xema.variant
AntiVir 7.11.1.97 2011.01.11 TR/Spy.Delf.kkx.1
Antiy-AVL 2.0.3.7 2011.01.11 Trojan/Win32.Delf.gen
Avast 4.8.1351.0 2011.01.11 Win32:Spyware-gen
Avast5 5.0.677.0 2011.01.11 Win32:Spyware-gen
AVG 9.0.0.851 2011.01.11 PSW.Generic8.AOYX
BitDefender 7.2 2011.01.11 Trojan.Generic.4957020
CAT-QuickHeal 11.00 2011.01.11 TrojanSpy.Delf.kkx
ClamAV 0.96.4.0 2011.01.11 Trojan.Spy-77612
Command 5.2.11.5 2011.01.11 -
Comodo 7362 2011.01.11 -
DrWeb 5.0.2.03300 2011.01.11 -
Emsisoft 5.1.0.1 2011.01.11 Trojan-Dropper.Delf!IK
eSafe 7.0.17.0 2011.01.10 -
eTrust-Vet 36.1.8092 2011.01.11 -
F-Prot 4.6.2.117 2011.01.10 -
F-Secure 9.0.16160.0 2011.01.11 Trojan.Generic.4957020
Fortinet 4.2.254.0 2011.01.10 -
GData 21 2011.01.11 Trojan.Generic.4957020
Ikarus T3.1.1.90.0 2011.01.11 Trojan-Dropper.Delf
Jiangmin 13.0.900 2011.01.11 TrojanSpy.Delf.gwt
K7AntiVirus 9.75.3497 2011.01.10 -
Kaspersky 7.0.0.125 2011.01.11 Trojan-Spy.Win32.Delf.kkx
McAfee 5.400.0.1158 2011.01.11 -
McAfee-GW-Edition 2010.1C 2011.01.11 -
Microsoft 1.6402 2011.01.11 -
NOD32 5776 2011.01.10 -
Norman 6.06.12 2011.01.11 W32/Suspicious_Gen2.EOUNL
nProtect 2011-01-11.01 2011.01.11 Trojan-Spy/W32.Agent.1763595
Panda 10.0.2.7 2011.01.10 Trj/CI.A
PCTools 7.0.3.5 2011.01.11 -
Prevx 3.0 2011.01.11 -
Rising 22.82.01.05 2011.01.11 -
Sophos 4.61.0 2011.01.11 -
SUPERAntiSpyware 4.40.0.1006 2011.01.11 -
Symantec 20101.3.0.103 2011.01.11 WS.Reputation.1
TheHacker 6.7.0.1.113 2011.01.11 Trojan/Spy.Delf.kkx
TrendMicro 9.120.0.1004 2011.01.11 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.11 -
VBA32 3.12.14.2 2011.01.11 Trojan-Spy.Win32.Delf.kkx
VIPRE 8030 2011.01.11 Trojan.Win32.Generic!BT
ViRobot 2011.1.11.4248 2011.01.11 -
VirusBuster 13.6.139.0 2011.01.11 TrojanSpy.Delf!Xbd1zAqcygo
Don't tell me it's my fault for not having analyzed it at the time, but that's what trust gets you, and that trust is now over as far as this individual is concerned.
----
Could someone disinfect this .exe? Because the content is really worth it.
Edit: I'm uploading only the .exe so that you don't have to download everything [External link removed for guests]