-
Here's the haul:
[CODE]Файл avz00015.dta получен 2008.02.23 12:22:26
AhnLab-V3 2008.2.22.0 2008.02.22 -
[B]AntiVir 7.6.0.67 2008.02.22 TR/Agent.97792.1[/B]
Authentium 4.93.8 2008.02.23 -
[B]Avast 4.7.1098.0 2008.02.22 Win32:Warezov-BYG
AVG 7.5.0.516 2008.02.22 Generic9.AAVW
BitDefender 7.2 2008.02.23 Generic.Malware.SFYBd.610E7661[/B]
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.23 -
[B]DrWeb 4.44.0.09170 2008.02.22 Trojan.Popuper.5062
eSafe 7.0.15.0 2008.02.21 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5557 2008.02.23 -
Ewido 4.0 2008.02.22 -
[B]FileAdvisor 1 2008.02.23 High threat detected[/B]
Fortinet 3.14.0.0 2008.02.23 -
F-Prot 4.4.2.54 2008.02.22 -
[B]F-Secure 6.70.13260.0 2008.02.22 W32/Malware.BIAW[/B]
[B]Ikarus T3.1.1.20 2008.02.23 Virus.Win32.Warezov.BYG[/B]
Kaspersky 7.0.0.125 2008.02.23 -
McAfee 5236 2008.02.22 -
Microsoft 1.3204 2008.02.23 -
NOD32v2 2897 2008.02.22 -
[B]Norman 5.80.02 2008.02.22 W32/Malware.BIAW[/B]
Panda 9.0.0.4 2008.02.22 -
[B]Prevx1 V2 2008.02.23 Heuristic: Suspicious File With Outbound Communications[/B]
Rising 20.32.52.00 2008.02.23 -
Sophos 4.26.0 2008.02.23 -
Sunbelt 3.0.893.0 2008.02.23 -
[B]Symantec 10 2008.02.23 Trojan.Zlob[/B]
TheHacker 6.2.9.227 2008.02.22 -
[B]VBA32 3.12.6.1 2008.02.21 Trojan.Popuper.5062[/B]
VirusBuster 4.3.26:9 2008.02.22 -
[B]Webwasher-Gateway 6.6.2 2008.02.23 Trojan.Agent.97792.1[/B]
File size: 97792 bytes
MD5: b3ac88d488a5b7555515f5d0c47a66d5
SHA1: 19666faabacbe7b657d65f7068c485f0fa4ef396
packers: PE_Patch.UPX, UPX
[/CODE]
[CODE]Файл avz00002.dta получен 2008.02.23 12:25:37 (CET)
AhnLab-V3 2008.2.22.0 2008.02.22 -
[B]AntiVir 7.6.0.67 2008.02.22 TR/Crypt.XDR.Gen[/B]
Authentium 4.93.8 2008.02.23 -
Avast 4.7.1098.0 2008.02.22 -
AVG 7.5.0.516 2008.02.22 -
BitDefender 7.2 2008.02.23 -
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.23 -
DrWeb 4.44.0.09170 2008.02.22 -
eSafe 7.0.15.0 2008.02.21 -
eTrust-Vet 31.3.5557 2008.02.23 -
Ewido 4.0 2008.02.23 -
FileAdvisor 1 2008.02.23 -
Fortinet 3.14.0.0 2008.02.23 -
F-Prot 4.4.2.54 2008.02.22 -
[B]F-Secure 6.70.13260.0 2008.02.22 Suspicious:W32/Malware!Gemini[/B]
Ikarus T3.1.1.20 2008.02.23 -
Kaspersky 7.0.0.125 2008.02.23 -
McAfee 5236 2008.02.22 -
Microsoft 1.3204 2008.02.23 -
NOD32v2 2897 2008.02.22 -
Norman 5.80.02 2008.02.22 -
[B]Panda 9.0.0.4 2008.02.22 Suspicious file[/B]
Prevx1 V2 2008.02.23 -
Rising 20.32.52.00 2008.02.23 -
Sophos 4.26.0 2008.02.23 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.23 -
TheHacker 6.2.9.227 2008.02.22 -
[B]VBA32 3.12.6.1 2008.02.21 suspected of Trojan-PSW.Pinch.35 (paranoid heuristics)[/B]
VirusBuster 4.3.26:9 2008.02.22 -
[B]Webwasher-Gateway 6.6.2 2008.02.23 Trojan.Crypt.XDR.Gen[/B]
Дополнительная информация
File size: 30208 bytes
MD5: 4d96f1f1d99f6a07791d708a2993ef71
SHA1: 34217b2249dfb93816e53fc5df50645ae2b91759[/CODE]
[CODE]Файл avz00002.dta получен 2008.02.23 12:30:03 (CET)
AhnLab-V3 2008.2.22.0 2008.02.22 -
AntiVir 7.6.0.67 2008.02.22 -
Authentium 4.93.8 2008.02.23 -
[B]Avast 4.7.1098.0 2008.02.22 VBS:Malware-gen
AVG 7.5.0.516 2008.02.22 Worm/Small.2.D[/B]
BitDefender 7.2 2008.02.23 -
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.23 -
[B]DrWeb 4.44.0.09170 2008.02.22 Win32.HLLW.Autoruner[/B]
eSafe 7.0.15.0 2008.02.21 -
[B]eTrust-Vet 31.3.5557 2008.02.23 INF/Liphew[/B]
[B]Ewido 4.0 2008.02.23 Trojan.Delf.aws[/B]
FileAdvisor 1 2008.02.23 -
Fortinet 3.14.0.0 2008.02.23 -
F-Prot 4.4.2.54 2008.02.22 -
[B]F-Secure 6.70.13260.0 2008.02.22 Autorun.NY[/B]
Ikarus T3.1.1.20 2008.02.23 -
Kaspersky 7.0.0.125 2008.02.23 -
[B]McAfee 5236 2008.02.22 Generic!atr[/B]
Microsoft 1.3204 2008.02.23 -
[B]NOD32v2 2897 2008.02.22 Win32/Delf.AWS
Norman 5.80.02 2008.02.22 Autorun.NY[/B]
Panda 9.0.0.4 2008.02.22 -
Rising 20.32.52.00 2008.02.23 -
[B]Sophos 4.26.0 2008.02.23 W32/SillyFDC-AV[/B]
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.23 -
TheHacker 6.2.9.227 2008.02.22 -
VBA32 3.12.6.1 2008.02.21 -
VirusBuster 4.3.26:9 2008.02.22 -
Webwasher-Gateway 6.6.2 2008.02.23 -
Дополнительная информация
File size: 186 bytes
MD5: 388cdce38219e26795c8df2e4b9a8a4c
SHA1: 0e72b83417eab223464533d1b749d4bd8a6caa13[/CODE]
[CODE]Файл avz00013.dta получен 2008.02.23 12:29:40 (CET)
AhnLab-V3 2008.2.22.0 2008.02.22 -
AntiVir 7.6.0.67 2008.02.22 -
[B]Authentium 4.93.8 2008.02.23 W32/Warezov.gen2!W32DL
Avast 4.7.1098.0 2008.02.22 Win32:Warezov-BYG[/B]
AVG 7.5.0.516 2008.02.22 -
[B]BitDefender 7.2 2008.02.23 DeepScan:Generic.Malware.SFMYBd.9DB05417[/B]
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.23 -
[B]DrWeb 4.44.0.09170 2008.02.22 Trojan.Popuper.origin
eSafe 7.0.15.0 2008.02.21 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5557 2008.02.23 -
Ewido 4.0 2008.02.23 -
FileAdvisor 1 2008.02.23 -
Fortinet 3.14.0.0 2008.02.23 -
[B]F-Prot 4.4.2.54 2008.02.22 W32/Warezov.gen2!W32DL[/B]
Ikarus T3.1.1.20 2008.02.23 -
Kaspersky 7.0.0.125 2008.02.23 -
McAfee 5236 2008.02.22 -
Microsoft 1.3204 2008.02.23 -
NOD32v2 2897 2008.02.22 -
[B]Norman 5.80.02 2008.02.22 W32/Malware[/B]
Panda 9.0.0.4 2008.02.22 -
[B]Prevx1 V2 2008.02.23 Heuristic: Suspicious File With Bad Child Associations[/B]
Rising 20.32.52.00 2008.02.23 -
Sophos 4.26.0 2008.02.23 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.23 -
TheHacker 6.2.9.227 2008.02.22 -
VBA32 3.12.6.1 2008.02.21 -
VirusBuster 4.3.26:9 2008.02.22 -
Webwasher-Gateway 6.6.2 2008.02.23 -
Дополнительная информация
File size: 157184 bytes
MD5: bb15f21db4b7ddac4324a4714ca61f04
SHA1: 67ceadd25f8cb6e9ee9b582e9cf86fe85eb975ab
PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX[/CODE]
[size="1"][color="#666686"][B][I]Added 17 minutes later[/I][/B][/color][/size]
Another piece of malware, which I fished out from a user on our ISP's forum:
[CODE]Файл avz00001.dta получен 2008.02.23 12:51:28 (CET)
AhnLab-V3 2008.2.22.0 2008.02.22 -
AntiVir 7.6.0.67 2008.02.22 -
Authentium 4.93.8 2008.02.23 -
Avast 4.7.1098.0 2008.02.22 -
AVG 7.5.0.516 2008.02.22 -
BitDefender 7.2 2008.02.23 -
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.23 -
DrWeb 4.44.0.09170 2008.02.22 -
eSafe 7.0.15.0 2008.02.21 -
[B]eTrust-Vet 31.3.5557 2008.02.23 Win32/Pripecs!generic[/B]
Ewido 4.0 2008.02.23 -
FileAdvisor 1 2008.02.23 -
Fortinet 3.14.0.0 2008.02.23 -
[B]F-Prot 4.4.2.54 2008.02.22 W32/FakeAlert.E.gen!Eldorado[/B]
F-Secure 6.70.13260.0 2008.02.22 -
Ikarus T3.1.1.20 2008.02.23 Virus.Win32.Agent.LTS
Kaspersky 7.0.0.125 2008.02.23 -
McAfee 5236 2008.02.22 -
[B]Microsoft 1.3204 2008.02.23 Adware:Win32/SmitFraud[/B]
NOD32v2 2897 2008.02.22 -
Norman 5.80.02 2008.02.22 -
Panda 9.0.0.4 2008.02.23 -
[B]Prevx1 V2 2008.02.23 Downloader.Zlob[/B]
Rising 20.32.52.00 2008.02.23 -
Sophos 4.26.0 2008.02.23 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.23 -
TheHacker 6.2.9.227 2008.02.22 -
[B]VBA32 3.12.6.1 2008.02.21 suspected of Downloader.Zlob.8[/B]
VirusBuster 4.3.26:9 2008.02.22 -
Webwasher-Gateway 6.6.2 2008.02.23 -
Дополнительная информация
File size: 233472 bytes
MD5: a5744a05fbffae4a6d2b29c35dd0ceb4
SHA1: 4c9123993836e14124619adc803f7a9732a3e24b[/CODE]
-
Файл avz00006.dta получен 2008.02.27 14:25:40 (CET)
[CODE][B]AhnLab-V3 2008.2.27.0 2008.02.27 Win-Trojan/Stresid.9728
AntiVir 7.6.0.67 2008.02.27 TR/Stresid.G[/B]
Authentium 4.93.8 2008.02.27 -
[B]Avast 4.7.1098.0 2008.02.26 Win32:Trojan-gen {Other}
AVG 7.5.0.516 2008.02.27 PSW.Generic5.AZV
BitDefender 7.2 2008.02.27 Trojan.Stresid.G[/B]
CAT-QuickHeal 9.50 2008.02.26 -
ClamAV 0.92.1 2008.02.27 -
DrWeb 4.44.0.09170 2008.02.27 -
eSafe 7.0.15.0 2008.02.26 -
[B]eTrust-Vet 31.3.5567 2008.02.27 Win32/Stresid.D[/B]
Ewido 4.0 2008.02.27 -
FileAdvisor 1 2008.02.27 -
[B]Fortinet 3.14.0.0 2008.02.27 Agent.BF!tr.spy[/B]
F-Prot 4.4.2.54 2008.02.26 -
F-Secure 6.70.13260.0 2008.02.27 -
Ikarus T3.1.1.20 2008.02.27 -
Kaspersky 7.0.0.125 2008.02.27 -
[B]McAfee 5238 2008.02.26 Spy-Agent.bf.dldr
Microsoft 1.3301 2008.02.27 Trojan:Win32/Stresid.gen[/B]
NOD32v2 2905 2008.02.27 -
Norman 5.80.02 2008.02.26 -
[B]Panda 9.0.0.4 2008.02.27 Trj/Agent.DPE
Prevx1 V2 2008.02.27 Generic.Malware[/B]
Rising 20.33.22.00 2008.02.27 -
Sophos 4.27.0 2008.02.27 -
[B]Sunbelt 3.0.893.0 2008.02.23 Trojan.LinkOptimizer[/B]
[B]Symantec 10 2008.02.27 Trojan.LinkOptimizer[/B]
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.26 -
[B]Webwasher-Gateway 6.6.2 2008.02.27 Trojan.Stresid.G[/B][/CODE]
File size: 9728 bytes
MD5: e7bfcaf612251e76228c3c5f2abc7b0b
SHA1: 37047c3153179b69ae7134d2439c5d57faa59e20
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=7E904DAA00792017264000123BA89E0067E2A30F[/url]
-
virtumonde
Файл avz00003.dta получен 2008.02.28 19:00:01 (CET)
[CODE]AhnLab-V3 2008.2.28.2 2008.02.28 -
[B]AntiVir 7.6.0.67 2008.02.28 TR/Vundo.Gen[/B]
Authentium 4.93.8 2008.02.28 -
Avast 4.7.1098.0 2008.02.27 -
AVG 7.5.0.516 2008.02.28 -
BitDefender 7.2 2008.02.28 -
CAT-QuickHeal 9.50 2008.02.28 -
ClamAV 0.92.1 2008.02.28 -
DrWeb 4.44.0.09170 2008.02.28 -
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5571 2008.02.28 -
Ewido 4.0 2008.02.28 -
FileAdvisor 1 2008.02.28 -
Fortinet 3.14.0.0 2008.02.28 -
[B]F-Prot 4.4.2.54 2008.02.27 W32/Virtumonde.G.gen!Eldorado
F-Secure 6.70.13260.0 2008.02.28 Vundo.gen58[/B]
Ikarus T3.1.1.20 2008.02.28 -
Kaspersky 7.0.0.125 2008.02.28 -
McAfee 5241 2008.02.28 -
[B]Microsoft 1.3301 2008.02.28 Trojan:Win32/Vundo.gen!A[/B]
NOD32v2 2909 2008.02.28 -
[B]Norman 5.80.02 2008.02.28 Vundo.gen58[/B]
Panda 9.0.0.4 2008.02.27 -
[B]Prevx1 V2 2008.02.28 Trojan.Vundo[/B]
Rising 20.33.32.00 2008.02.28 -
Sophos 4.27.0 2008.02.28 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.02.28 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
[B]VirusBuster 4.3.26:9 2008.02.28 Adware.Vundo.Gen!Pac.18
Webwasher-Gateway 6.6.2 2008.02.28 Trojan.Vundo.Gen[/B][/CODE]
File size: 289280 bytes
MD5: bdaf285c8738d0081b1507b5b3bf6554
SHA1: 9ed3cec505fda56ba5d465a51f8bca2fa053fa57
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=82699DE7006F27B76A3804A38AA8F60090A9E7EF[/url]
-
Attachments: 3
February.
It's a pity there are so few results...
-
File CuteFTP8_Keygen.exe received on 03.01.2008 11:52:30 (CET)
AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.02.29 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.02.29 -
[B]BitDefender 7.2 2008.03.01 MemScan:Trojan.PWS.LDPinch.TJR
CAT-QuickHeal 9.50 2008.03.01 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.02.29 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.02.29 -
[B]F-Secure 6.70.13260.0 2008.03.01 W32/Malware
Ikarus T3.1.1.20 2008.03.01 BehavesLikeWin32.ProcessHijack
Kaspersky 7.0.0.125 2008.03.01 Trojan-PSW.Win32.Agent.zp[/B]
McAfee 5242 2008.02.29 -
Microsoft 1.3301 2008.03.01 -
NOD32v2 2913 2008.03.01 -
[B]Norman 5.80.02 2008.02.29 W32/Malware
Panda 9.0.0.4 2008.03.01 Suspicious file[/B]
Prevx1 V2 2008.03.01 -
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.01 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.229 2008.02.25 -
[B]VBA32 3.12.6.2 2008.02.27 suspected of Embedded.MalwareScope.Trojan-PSW.Pinch.1[/B]
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Trojan.Crypt.XPACK.Gen[/B]
Additional information
File size: 23040 bytes
MD5: fb8983a47983f4335790705ce98aa7c2
SHA1: 3e66bb78992e387ce6e49fd92ec64031eab36213
PEiD: -
File game.rar received on 03.01.2008 11:54:49 (CET)
AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.02.29 -
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.02.29 -
BitDefender 7.2 2008.03.01 -
[B]CAT-QuickHeal 9.50 2008.03.01 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.02.29 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.02.29 -
F-Secure 6.70.13260.0 2008.03.01 -
Ikarus T3.1.1.20 2008.03.01 -
[B]Kaspersky 7.0.0.125 2008.03.01 Heur.Trojan.Generic[/B]
McAfee 5242 2008.02.29 -
Microsoft 1.3301 2008.03.01 -
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.01 Suspicious file
Prevx1 V2 2008.03.01 Heuristic: Suspicious File With Covert Attributes[/B]
Rising 20.33.52.00 2008.03.01 -
[B]Sophos 4.27.0 2008.03.01 Sus/DelpDldr-A[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.229 2008.02.25 -
[B]VBA32 3.12.6.2 2008.02.27 suspected of Win32.Trojan-Downloader[/B]
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Win32.Malware.gen#PECompact (suspicious)[/B]
Additional information
File size: 232572 bytes
MD5: 60a7fa716edd916d85b436d0987722d2
SHA1: 817910417fc937980872e7c64730d3c9fe4a8ac2
PEiD: -
packers: PecBundle, PECompact
packers: PE_Patch.PECompact, PecBundle, PECompact, PE_Patch.PECompact, PecBundle, PECompact
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=F097827800113AB1401F01409B641C00620DE4E0[/url]
-
C:\WINDOWS\system32\mssrv32.exe
Файл avz00002.dta получен 2008.03.01 15:08:31 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.02.29 DR/Delphi.Gen[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.02.29 -
BitDefender 7.2 2008.03.01 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.01 -
[B]DrWeb 4.44.0.09170 2008.03.01 Trojan.PWS.LDPinch.1941[/B]
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.02.29 -
F-Secure 6.70.13260.0 2008.03.01 -
[B]Ikarus T3.1.1.20 2008.03.01 Virus.Win32.Zapchast.DA[/B]
Kaspersky 7.0.0.125 2008.03.01 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.01 VirTool:Win32/DelfInject.gen!AA[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.01 -
Prevx1 V2 2008.03.01 -
[B]Rising 20.33.52.00 2008.03.01 Trojan.DL.Win32.Agent.bxw
Sophos 4.27.0 2008.03.01 Mal/EncPk-CM[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Trojan.Dropper.Delphi.Gen[/B][/CODE]
File size: 32256 bytes
MD5: 2de32a43ad09d558c3ff0bd3ac093760
SHA1: 5772af34611ea4ab5536e27362b5ce91a723501a
PEiD: -
C:\WINDOWS\system32\WLCtrl32.dll
Файл avz00005.dta получен 2008.03.01 15:08:31 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.02.29 -
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.02.29 -
BitDefender 7.2 2008.03.01 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.02.29 -
F-Secure 6.70.13260.0 2008.03.01 -
Ikarus T3.1.1.20 2008.03.01 -
Kaspersky 7.0.0.125 2008.03.01 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.01 TrojanDropper:Win32/Cutwail.Y[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.01 -
[B]Prevx1 V2 2008.03.01 KAVKOP:Trojan-A[/B]
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.01 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.229 2008.02.25 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.29 -
Webwasher-Gateway 6.6.2 2008.03.01 -[/code]
Дополнительная информация
File size: 11776 bytes
MD5: 31143dab862917c131d3216af7553448
SHA1: 2bc62f5a377171f5d4f2b4332e8e18f7bd33cd98
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=4F89B280000554D82E1300A2B9636300C0F15FC3[/url]
[size="1"][color="#666686"][B][I]Added 5 hours 34 minutes later[/I][/B][/color][/size]
C:\Documents and Settings\LocalService\Local Settings\Application Data\cftmon.exe
Файл avz00001.dta получен 2008.03.01 20:43:28 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.02.29 TR/Drop.Agent.snu[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.01 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.03.01 -
F-Secure 6.70.13260.0 2008.03.01 -
Ikarus T3.1.1.20 2008.03.01 -
Kaspersky 7.0.0.125 2008.03.01 -
McAfee 5242 2008.02.29 -
Microsoft 1.3301 2008.03.01 -
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.01 -
Prevx1 V2 2008.03.01 -
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.01 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.230 2008.03.01 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Trojan.Drop.Agent.snu[/B][/CODE]
File size: 27032 bytes
MD5: 9c88404d896787714e9b9a5f7a3c07b9
SHA1: f37c0ce3d0095dcb51be2c405b9111ade0dc3549
PEiD: -
[size="1"][color="#666686"][B][I]Added 11 minutes later[/I][/B][/color][/size]
Continuing to add to the collection :)
C:\Program Files\Common Files\System\ntsvc32k.exe
Файл avz00002.dta получен 2008.03.01 20:51:48 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.02.29 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.01 -
[B]CAT-QuickHeal 9.50 2008.03.01 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.03.01 -
[B]F-Secure 6.70.13260.0 2008.03.01 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.03.01 Trojan.Crypt.XPACK[/B]
Kaspersky 7.0.0.125 2008.03.01 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.01 Trojan:Win32/Chksyn.gen!A[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.01 Suspicious file
Prevx1 V2 2008.03.01 Generic.Malware[/B]
Rising 20.33.52.00 2008.03.01 -
[B]Sophos 4.27.0 2008.03.01 Mal/Generic-A[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.230 2008.03.01 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Trojan.Crypt.XPACK.Gen[/B][/CODE]
File size: 14032 bytes
MD5: dd701590a5745d4af33ff88e3f0ea02b
SHA1: 3c33f183e479c735b18cdf7feef80fce3401ee1b
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=1F5DD87DD0DC2229369F00A4BCD29400323D834C[/url]
C:\Program Files\Common Files\System\RDPsvc2.exe
Файл avz00004.dta получен 2008.03.01 20:52:06 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.02.29 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.01 -
[B]CAT-QuickHeal 9.50 2008.03.01 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.01 -
FileAdvisor 1 2008.03.01 -
Fortinet 3.14.0.0 2008.03.01 -
F-Prot 4.4.2.54 2008.03.01 -
[B]F-Secure 6.70.13260.0 2008.03.01 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.03.01 Trojan.Crypt.XPACK[/B]
Kaspersky 7.0.0.125 2008.03.01 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.01 Trojan:Win32/Chksyn.gen!A[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.01 Suspicious file
Prevx1 V2 2008.03.01 Generic.Malware[/B]
Rising 20.33.52.00 2008.03.01 -
[B]Sophos 4.27.0 2008.03.01 Mal/Generic-A[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.01 -
TheHacker 6.2.9.230 2008.03.01 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.02.29 -
[B]Webwasher-Gateway 6.6.2 2008.03.01 Trojan.Crypt.XPACK.Gen[/B][/CODE]
File size: 31728 bytes
MD5: 633272b631f9935df968f1dbce840667
SHA1: f5fe22583139085b8857adea7606f0c45604d7ff
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=2C4CA0BBF07750D27B550062F0376A00A69FD467[/url]
-
t=18975
C:\WINDOWS\explorer.exe:whois2.jpg:$DATA
Файл avz00002.dta получен 2008.03.02 10:54:04 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.02.29 -
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.02 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV None 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
[B]F-Prot 4.4.2.54 2008.03.01 W32/Heuristic-MU2!Eldorado[/B]
F-Secure 6.70.13260.0 2008.03.01 -
Ikarus T3.1.1.20 2008.03.02 -
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 -
Microsoft 1.3301 2008.03.02 -
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.01 -
Prevx1 V2 2008.03.02 -
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.02 -
[B]Sunbelt 3.0.906.0 2008.02.28 VIPRE.Suspicious[/B]
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.02 -
[B]Webwasher-Gateway 6.6.2 2008.03.02 Win32.Malware.dam (suspicious)[/B][/CODE]
File size: 28319 bytes
MD5: d7bc1d1f3c55ef3c5823edd0b8855b3c
SHA1: c88c2091ce620e08340a3eaaae86a9cf0d8f5ad9
PEiD: -
packers: PE_Patch
Файл avz00010.dta получен 2008.03.02 10:55:15 (CET)
C:\WINDOWS\system32\consol.dll
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.02.29 -
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.02 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm
eTrust-Vet 31.3.5574 2008.02.29 Win32/Kvol!generic[/B]
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
F-Prot 4.4.2.54 2008.03.01 -
F-Secure 6.70.13260.0 2008.03.01 -
[B]Ikarus T3.1.1.20 2008.03.02 Virus.Trojan.Win32.Pakes.cdw[/B]
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.02 Trojan:Win32/Boaxxe.B[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.01 Suspicious file
Prevx1 V2 2008.03.02 Generic.Malware[/B]
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.02 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.02 -
Webwasher-Gateway 6.6.2 2008.03.02 -[/CODE]
File size: 88064 bytes
MD5: 4fbabeff1bfe366c916cf00ca29eb640
SHA1: 4a02ef50600b89bef0ac8ad5c7caf520a7fd5d85
PEiD: -
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=A4FE0FD500FD49C0583E0134C2F7F500BBBB980C[/url]
Файл avz00006.dta получен 2008.03.02 10:57:20 (CET)
C:\WINDOWS\explorer.exe:crawler1.jpg:$DATA
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.02.29 -
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.01 -
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.02 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.01 -
DrWeb 4.44.0.09170 2008.03.01 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
F-Prot 4.4.2.54 2008.03.01 -
F-Secure 6.70.13260.0 2008.03.01 -
Ikarus T3.1.1.20 2008.03.02 -
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 -
Microsoft 1.3301 2008.03.02 -
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.01 Suspicious file
Prevx1 V2 2008.03.02 Heuristic: Suspicious File With Mass Email Capabilities[/B]
Rising 20.33.52.00 2008.03.01 -
Sophos 4.27.0 2008.03.02 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.02 -
Webwasher-Gateway 6.6.2 2008.03.02 -[/CODE]
File size: 96256 bytes
MD5: c9262818fe4434d000747266303a3c74
SHA1: 6272819b4a1c6044c33091ac449e5c80170af1d4
PEiD: -
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=AAC3E01900ABA4D278F201971880750081EE0D07[/url]
[size="1"][color="#666686"][B][I]Added 7 hours 19 minutes later[/I][/B][/color][/size]
C:\Program Files\NetProject\sbmntr.exe
Файл avz00002.dta получен 2008.03.02 18:24:40 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.03.02 -
Authentium 4.93.8 2008.03.01 -
[B]Avast 4.7.1098.0 2008.03.02 Win32:Zlob-AGV[/B]
AVG 7.5.0.516 2008.03.01 -
BitDefender 7.2 2008.03.02 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.02 -
DrWeb 4.44.0.09170 2008.03.02 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm
eTrust-Vet 31.3.5574 2008.02.29 Win32/Crushpy!generic[/B]
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
F-Prot 4.4.2.54 2008.03.01 -
F-Secure 6.70.13260.0 2008.03.01 -
[B]Ikarus T3.1.1.20 2008.03.02 Trojan.Zlob.2[/B]
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 Puper
[B]Microsoft 1.3301 2008.03.02 TrojanDownloader:Win32/Zlob.gen!AS[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
[B]Panda 9.0.0.4 2008.03.02 Suspicious file
Prevx1 V2 2008.03.02 Trojan.Popuper[/B]
Rising 20.33.62.00 2008.03.02 -
Sophos 4.27.0 2008.03.02 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
[B]VirusBuster 4.3.26:9 2008.03.02 Trojan.DL.Zlob.Gen.34[/B]
Webwasher-Gateway 6.6.2 2008.03.02 -[/CODE]
File size: 19456 bytes
MD5: 786195fe521229ee428856017b63aaf3
SHA1: cf3bcc4e2e6b8dc9300d4fed5018b6ec9b69442f
PEiD: UPX 2.93 - 3.00 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
packers: embedded, UPX_LZMA
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=0238809000632F5E4CEC009DABB03000C9A1649B[/url]
C:\Program Files\NetProject\sbsm.exe
Файл avz00003.dta получен 2008.03.02 18:24:45 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
AntiVir 7.6.0.73 2008.03.02 -
Authentium 4.93.8 2008.03.01 -
[B]Avast 4.7.1098.0 2008.03.02 Win32:Zlob-AGV
AVG 7.5.0.516 2008.03.01 Downloader.Zlob.AAH[/B]
BitDefender 7.2 2008.03.02 -
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.02 -
DrWeb 4.44.0.09170 2008.03.02 -
eSafe 7.0.15.0 2008.02.28 -
[B]eTrust-Vet 31.3.5574 2008.02.29 Win32/Crushpy!generic[/B]
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
[B]F-Prot 4.4.2.54 2008.03.01 W32/Nilage.gen!GSA[/B]
F-Secure 6.70.13260.0 2008.03.01 -
[B]Ikarus T3.1.1.20 2008.03.02 Virus.Win32.Zlob.AGV[/B]
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 -
[B]Microsoft 1.3301 2008.03.02 TrojanDownloader:Win32/Zlob.gen!AU[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.02 -
[B]Prevx1 V2 2008.03.02 Downloader.Zlob.AAH[/B]
Rising 20.33.62.00 2008.03.02 -
Sophos 4.27.0 2008.03.02 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
[B]VirusBuster 4.3.26:9 2008.03.02 Trojan.DL.Zlob.Gen.34[/B]
Webwasher-Gateway 6.6.2 2008.03.02 -[/CODE]
File size: 7168 bytes
MD5: d5080c753fc432c953253fdf177c47f1
SHA1: 348838430ec86c187d75c12341d5afe36fa9bcb3
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=C69FC715003A40A91C160067CCEF4E003AAA3D50[/url]
C:\Program Files\Helper\1204389949.dll
Файл avz00004.dta получен 2008.03.02 18:24:50 (CET)
[CODE]AhnLab-V3 2008.2.29.1 2008.02.29 -
[B]AntiVir 7.6.0.73 2008.03.02 TR/Downloader.Gen[/B]
Authentium 4.93.8 2008.03.01 -
Avast 4.7.1098.0 2008.03.02 -
AVG 7.5.0.516 2008.03.01 -
[B]BitDefender 7.2 2008.03.02 Trojan.Downloader.Zlob.ABMP[/B]
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.02 -
DrWeb 4.44.0.09170 2008.03.02 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5574 2008.02.29 -
Ewido 4.0 2008.03.02 -
FileAdvisor 1 2008.03.02 -
Fortinet 3.14.0.0 2008.03.02 -
F-Prot 4.4.2.54 2008.03.01 -
F-Secure 6.70.13260.0 2008.03.01 -
[B]Ikarus T3.1.1.20 2008.03.02 Trojan-Downloader[/B]
Kaspersky 7.0.0.125 2008.03.02 -
McAfee 5242 2008.02.29 Puper.dll
[B]Microsoft 1.3301 2008.03.02 BrowserModifier:Win32/E404[/B]
NOD32v2 2913 2008.03.01 -
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.02 -
[B]Prevx1 V2 2008.03.02 TROJAN.DA.DLL[/B]
Rising 20.33.62.00 2008.03.02 -
Sophos 4.27.0 2008.03.02 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.02 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.02 -
[B]Webwasher-Gateway 6.6.2 2008.03.02 Trojan.Downloader.Gen[/B][/CODE]
File size: 12800 bytes
MD5: 49046bfdf2d145519da86272dacb31c6
SHA1: 6b4d637f63dce4e558cb2b967626bdeff1d3b2af
PEiD: -
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=A53746AA00726F9332FF004902A8C5003F2C68D3[/url]
-
t=18497
[code]
File avz00019.dta received on 03.03.2008 14:47:37 (CET)
Result: 14/32 (43.75%)
Antivirus Version Last Update Result
[B]AhnLab-V3 2008.2.29.1 2008.03.03 Dropper/Downloader.23552.AB
AntiVir 7.6.0.73 2008.03.03 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.02 -
[B]Avast 4.7.1098.0 2008.03.02 Win32:Delf-IFY
AVG 7.5.0.516 2008.03.03 Win32/PolyCrypt
BitDefender 7.2 2008.03.03 Packer.Malware.FriCryptor.B[/B]
CAT-QuickHeal 9.50 2008.03.01 -
ClamAV 0.92.1 2008.03.03 -
DrWeb 4.44.0.09170 2008.03.03 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5582 2008.03.03 -
Ewido 4.0 2008.03.03 -
FileAdvisor 1 2008.03.03 -
Fortinet 3.14.0.0 2008.03.03 -
[B]F-Prot 4.4.2.54 2008.03.02 W32/Dropper.ITS
F-Secure 6.70.13260.0 2008.03.03 PolyCrypt.F
Ikarus T3.1.1.20 2008.03.03 Trojan.Win32.Pakes.bod
Kaspersky 7.0.0.125 2008.03.03 Heur.Trojan.Generic
McAfee 5242 2008.02.29 New Malware.cn[/B]
Microsoft 1.3301 2008.03.03 -
NOD32v2 2917 2008.03.03 -
[B]Norman 5.80.02 2008.02.29 PolyCrypt.F[/B]
Panda 9.0.0.4 2008.03.02 -
Prevx1 V2 2008.03.03 -
Rising 20.34.02.00 2008.03.03 -
[B]Sophos 4.27.0 2008.03.03 Mal/Basine-C[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.03 -
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.02 -
[B]Webwasher-Gateway 6.6.2 2008.03.03 Trojan.Crypt.XPACK.Gen[/B]
Additional information
File size: 23552 bytes
MD5: 7b1e68660309bb255ad7f0dbc29a70b5
SHA1: 281ada06492035a47c36bc74fd8cb7363de4a3cd
PEiD: -[/code]
-
A new-wave Zhelatin
[quote]Файл e-card.rar получен 2008.03.03 17:28:20 (CET)
AhnLab-V3 2008.2.29.1 2008.03.03 -
[b]AntiVir 7.6.0.73 2008.03.03 Worm/Zhelatin.pc[/b]
Authentium 4.93.8 2008.03.02 -
Avast 4.7.1098.0 2008.03.02 -
[b]AVG 7.5.0.516 2008.03.03 I-Worm/Nuwar.N
BitDefender 7.2 2008.03.03 Trojan.Peed.IWV
CAT-QuickHeal 9.50 2008.03.01 Win32.Email-Worm.Zhelatin.vg
ClamAV 0.92.1 2008.03.03 Trojan.Peed-130
DrWeb 4.44.0.09170 2008.03.03 Trojan.Packed.357
eSafe 7.0.15.0 2008.02.28 Suspicious File[/b]
eTrust-Vet 31.3.5582 2008.03.03 -
Ewido 4.0 2008.03.03 -
FileAdvisor 1 2008.03.03 -
[b]Fortinet 3.14.0.0 2008.03.03 W32/PackTibs.M
F-Prot 4.4.2.54 2008.03.02 W32/Zhelatin.F.gen!Eldorado
F-Secure 6.70.13260.0 2008.03.03 Email-Worm.Win32.Zhelatin.vg
Ikarus T3.1.1.20 2008.03.03 Trojan.Peed.IWV
Kaspersky 7.0.0.125 2008.03.03 Email-Worm.Win32.Zhelatin.vg
McAfee 5242 2008.02.29 W32/Nuwar@MM
Microsoft 1.3301 2008.03.03 TrojanDropper:Win32/Nuwar.gen!B
NOD32v2 2917 2008.03.03 probably a variant of Win32/Nuwar.Gen[/b]
Norman 5.80.02 2008.02.29 -
Panda 9.0.0.4 2008.03.02 -
Prevx1 V2 2008.03.03 -
[b]Rising 20.34.02.00 2008.03.03 Worm.Mail.Win32.Zhelatin.wqu
Sophos 4.27.0 2008.03.03 W32/Dorf-AX[/b]
Sunbelt 3.0.906.0 2008.02.28 -
TheHacker 6.2.92.231 2008.03.02 -
[b]VBA32 3.12.6.2 2008.02.27 Email-Worm.Win32.Zhelatin.vg
VirusBuster 4.3.26:9 2008.03.03 Worm.DR.Zhelatin.Gen.4
Webwasher-Gateway 6.6.2 2008.03.03 Worm.Zhelatin.pc[/b]
Additional information
File size: 112204 bytes
MD5: 2da17496133f43e5d8255becbed11520
SHA1: 75791e54fff722d17366d3ce09e51a89ada06254[/quote]
-
File kgxpltsrh_xplore_keygen.exe received on 03.04.2008 08:42:07 (CET)
[code]Antivirus Version Last Update Result
AhnLab-V3 2008.3.4.0 2008.03.03 -
[B]AntiVir 7.6.0.73 2008.03.04 Worm/SdBot.21176.1[/B]
Authentium 4.93.8 2008.03.04 -
[B]Avast 4.7.1098.0 2008.03.04 Win32:SdBot-5210[/B]
[B]AVG 7.5.0.516 2008.03.03 IRC/BackDoor.SdBot3.BHV[/B]
[B]BitDefender 7.2 2008.03.03 Win32.Worm.Sdbot.AS[/B]
[B]CAT-QuickHeal 9.50 2008.03.03 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.04 -
DrWeb 4.44.0.09170 2008.03.04 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5585 2008.03.04 -
Ewido 4.0 2008.03.03 -
FileAdvisor 1 2008.03.04 -
[B]Fortinet 3.14.0.0 2008.03.04 W32/SDBot.AS!worm[/B]
[B]F-Prot 4.4.2.54 2008.03.03 W32/Heuristic-162!Eldorado[/B]
[B]F-Secure 6.70.13260.0 2008.03.04 W32/SDBot.BIDF[/B]
[B]Ikarus T3.1.1.20 2008.03.04 P2P-Worm.Win32.SpyBot.gl[/B]
Kaspersky 7.0.0.125 2008.03.04 -
[B]McAfee 5243 2008.03.03 W32/Sdbot.worm.gen.as[/B]
Microsoft 1.3301 2008.03.03 -
NOD32v2 2919 2008.03.04 -
[B]Norman 5.80.02 2008.03.03 W32/SDBot.BIDF[/B]
[B]Panda 9.0.0.4 2008.03.03 W32/Sdbot.LAR.worm[/B]
[B]Prevx1 V2 2008.03.04 Generic.Malware[/B]
Rising 20.34.10.00 2008.03.04 -
[B]Sophos 4.27.0 2008.03.04 Mal/Generic-A[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.04 -
[B]TheHacker 6.2.92.232 2008.03.04 W32/SdBot.worm.gen[/B]
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.03 -
[B]Webwasher-Gateway 6.6.2 2008.03.04 Worm.SdBot.21176.1[/B]
[/code]
Additional information
File size: 21176 bytes
MD5: 5c7080f7cd3668801c44f677ca9f0621
SHA1: fad19e7f07e3ba825d7014c7fa7ef3526aba8872
PEiD: PECompact 2.xx (Slim Loader) --> BitSum Technologies
packers: PecBundle, PECompact
packers: PE_Patch.PECompact, PecBundle, PECompact
Prevx info: [URL]http://info.prevx.com/aboutprogramtext.asp?PX5=728963E3B87532C5526500906DC301006020C823[/URL]
-
mssrv32.exe
[CODE]AhnLab-V3 2008.3.4.0 2008.03.04 -
[B]AntiVir 7.6.0.73 2008.03.04 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.04 -
[B]AVG 7.5.0.516 2008.03.03 Flooder.O[/B]
BitDefender 7.2 2008.03.04 -
CAT-QuickHeal 9.50 2008.03.03 -
ClamAV 0.92.1 2008.03.04 -
DrWeb 4.44.0.09170 2008.03.04 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5585 2008.03.04 -
Ewido 4.0 2008.03.03 -
FileAdvisor 1 2008.03.04 -
Fortinet 3.14.0.0 2008.03.04 -
F-Prot 4.4.2.54 2008.03.03 -
F-Secure 6.70.13260.0 2008.03.04 -
Ikarus T3.1.1.20 2008.03.04 -
[B]Kaspersky 7.0.0.125 2008.03.04 Heur.Trojan.Generic[/B]
McAfee 5243 2008.03.03 -
Microsoft 1.3301 2008.03.03 -
NOD32v2 2920 2008.03.04 -
Norman 5.80.02 2008.03.03 -
Panda 9.0.0.4 2008.03.03 -
[B]Prevx1 V2 2008.03.04 Heuristic: Suspicious Self Modifying EXE[/B]
Rising 20.34.12.00 2008.03.04 -
[B]Sophos 4.27.0 2008.03.04 Mal/Basine-C[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.04 -
TheHacker 6.2.92.232 2008.03.04 -
VBA32 3.12.6.2 2008.02.27 -
VirusBuster 4.3.26:9 2008.03.03 -
[B]Webwasher-Gateway 6.6.2 2008.03.04 Trojan.Crypt.XPACK.Gen[/B][/CODE]
File size: 15872 bytes
MD5: b7ca5bcaf7ef79981343af80230c965c
SHA1: 1274e0f42b799a2b3d38678fd01de513917d6941
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=E5E80E4700C9E35D3EB100A598791E00A868A12F[/url]
-
File avz00001.dta received on 03.04.2008 20:40:54 (CET)
[code]Antivirus Version Last Update Result
AhnLab-V3 2008.3.4.0 2008.03.04 -
[B]AntiVir 7.6.0.73 2008.03.04 TR/Dropper.Gen[/B]
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.04 -
AVG 7.5.0.516 2008.03.04 -
BitDefender 7.2 2008.03.04 -
CAT-QuickHeal 9.50 2008.03.04 -
ClamAV 0.92.1 2008.03.04 -
DrWeb 4.44.0.09170 2008.03.04 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.3.5587 2008.03.04 -
Ewido 4.0 2008.03.04 -
FileAdvisor 1 2008.03.04 -
Fortinet 3.14.0.0 2008.03.04 -
F-Prot 4.4.2.54 2008.03.04 -
[B]F-Secure 6.70.13260.0 2008.03.04 W32/Smalltroj.CVQM[/B]
Ikarus T3.1.1.20 2008.03.04 -
[B]Kaspersky 7.0.0.125 2008.03.04 Trojan-Spy.Win32.Agent.ig[/B]
McAfee 5244 2008.03.04 -
Microsoft 1.3301 2008.03.04 -
NOD32v2 2921 2008.03.04 -
[B]Norman 5.80.02 2008.03.04 W32/Smalltroj.CVQM[/B]
Panda 9.0.0.4 2008.03.04 -
Prevx1 V2 2008.03.04 Taz
Rising 20.34.12.00 2008.03.04 -
[B]Sophos 4.27.0 2008.03.04 Sus/Dropper-A[/B]
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.04 -
TheHacker 6.2.92.233 2008.03.04 -
[B]VBA32 3.12.6.2 2008.02.27 suspected of Embedded.Trojan.Proxy.2240[/B]
VirusBuster 4.3.26:9 2008.03.04 -
[B]Webwasher-Gateway 6.6.2 2008.03.04 Trojan.Dropper.Gen[/B][/code]
Additional information
File size: 17408 bytes
MD5: 8c7f5ddbac559e025c1fcb5298535e88
SHA1: fabd90ac6eac34d0700b68fb65036c3cda927dd8
PEiD: -
packers: embedded, UPX
packers: PE_Patch.UPX, UPX
Prevx info: [URL]http://info.prevx.com/aboutprogramtext.asp?PX5=FB986A0F00033B184462005F49608E00014A63AF[/URL]
-
File winfshs.exe received 2008.03.04 15:50:44 (CET)
Current status: finished
Result: [COLOR=red]13[/COLOR]/32 (40.62%)
[CODE]Антивирус Версия Обновление Результат
[B]AhnLab-V3 2008.3.4.0 2008.03.04 Win-Trojan/Xema.274944.B[/B]
AntiVir 7.6.0.73 2008.03.04 -
Authentium 4.93.8 2008.03.02 -
Avast 4.7.1098.0 2008.03.02 -
AVG 7.5.0.516 2008.03.04 -
BitDefender 7.2 2008.03.04 -
CAT-QuickHeal 9.50 2008.03.04 -
ClamAV 0.92.1 2008.03.04 -
DrWeb 4.44.0.09170 2008.03.04 -
[B]eSafe 7.0.15.0 2008.02.28 suspicious Trojan/Worm[/B]
e-TrustVet 31.3.5582 2008.03.03 -
Ewido 4.0 2008.03.04 -
FileAdvisor 1 2008.03.04 -
[B]Fortinet 3.14.0.0 2008.03.03 HackerTool/Evid[/B]
F-Prot 4.4.2.54 2008.03.02 -
[B]F-Secure 6.70.13260.0 2008.03.04 W32/Malware.BNIW[/B]
Ikarus T3.1.1.20 2008.03.04 -
Kaspersky 7.0.0.125 2008.03.04 -
[B]McAfee 5243 2008.03.03 potentially unwanted program Tool-Evid[/B]
Microsoft 1.3301 2008.03.03 -
[B]NOD32v2 2921 2008.03.04 Win32/Tool.EvID4226
Norman 5.80.02 2008.03.04 W32/Malware.BNIW
Panda 9.0.0.4 2008.03.02 Suspicious file
Prevx1 V2 2008.03.04 Win32.Malware.gen[/B]
Rising 20.34.12.00 2008.03.04 -
[B]Sophos 4.27.0 2008.03.04 EvID4226 Installer[/B]
Sunbelt 3.0.906.0 2008.02.28 -
[B]Symantec 10 2008.03.04 Backdoor.Trojan[/B]
TheHacker 6.2.92.231 2008.03.02 -
VBA32 3.12.6.2 2008.02.27 -
[B]VirusBuster 4.3.26:9 2008.03.04 RiskWare.DR.TCPIPPatcher.B
Webwasher-Gateway 6.6.2 2008.03.04 Riskware.Tool.EvID4226.A[/B][/CODE]
Additional information
File size: 45568 bytes
MD5: a5e346828cd93262e9a9b4b874f29b89
SHA1: 4c1ba5e828f99edafcf5130e81020f09919d7fd4
PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=9AAF1B3400D51C18B205004A83DE0100A3785025[/url]
-
File TheBestFebruary.zip received 2008.03.05 19:35:11 (CET)
[CODE]AhnLab-V3 2008.3.4.0 2008.03.05 -
[B]AntiVir 7.6.0.73 2008.03.05 TR/Crypt.CFI.Gen[/B]
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.05 -
[B]AVG 7.5.0.516 2008.03.05 Dropper.Joiner.2.AD[/B]
BitDefender 7.2 2008.03.05 -
[B]CAT-QuickHeal 9.50 2008.03.05 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.05 -
[B]DrWeb 4.44.0.09170 2008.03.05 Trojan.PWS.LDPinch.3118[/B]
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5590 2008.03.05 -
Ewido 4.0 2008.03.05 -
FileAdvisor 1 2008.03.05 -
Fortinet 3.14.0.0 2008.03.05 -
F-Prot 4.4.2.54 2008.03.04 -
[B]F-Secure 6.70.13260.0 2008.03.05 Trojan-PSW.Win32.LdPinch.rfj
Ikarus T3.1.1.20 2008.03.05 Trojan.Crypt.CFI
Kaspersky 7.0.0.125 2008.03.05 Trojan-PSW.Win32.LdPinch.rfj[/B]
McAfee 5245 2008.03.05 -
Microsoft 1.3301 2008.03.05 -
NOD32v2 2923 2008.03.05 -
Norman 5.80.02 2008.03.05 -
[B]Panda 9.0.0.4 2008.03.04 Suspicious file[/B]
Prevx1 V2 2008.03.05 -
Rising 20.34.22.00 2008.03.05 -
[B]Sophos 4.27.0 2008.03.05 Sus/UnkPacker[/B]
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.05 -
TheHacker 6.2.92.233 2008.03.04 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.05 -
[B]Webwasher-Gateway 6.6.2 2008.03.05 Trojan.Crypt.CFI.Gen[/B][/CODE]
File size: 475978 bytes
MD5: a1d47f256cadc6bfbc567b67b38ecb79
SHA1: a16235f1e67ff6a4cc45f976332e97e87df12e6a
PEiD: -
[size="1"][color="#666686"][B][I]Added after 1 hour 17 minutes[/I][/B][/color][/size]
t=19250
File avz00001.dta received 2008.03.05 20:40:49 (CET)
[CODE]AhnLab-V3 2008.3.4.0 2008.03.05 -
[B]AntiVir 7.6.0.73 2008.03.05 WORM/Zhelatin.Gen[/B]
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.05 -
[B]AVG 7.5.0.516 2008.03.05 I-Worm/Nuwar.N
BitDefender 7.2 2008.03.05 Trojan.Peed.JAN
CAT-QuickHeal 9.50 2008.03.05 Win32.Email-Worm.Zhelatin.uw4[/B]
ClamAV 0.92.1 2008.03.05 -
DrWeb 4.44.0.09170 2008.03.05 -
[B]eSafe 7.0.15.0 2008.02.28 Suspicious File[/B]
eTrust-Vet 31.3.5590 2008.03.05 -
Ewido 4.0 2008.03.05 -
FileAdvisor 1 2008.03.05 -
Fortinet 3.14.0.0 2008.03.05 -
F-Prot 4.4.2.54 2008.03.04 -
[B]F-Secure 6.70.13260.0 2008.03.05 Tibs.gen136
Ikarus T3.1.1.20 2008.03.05 Worm.Zhelatin
Kaspersky 7.0.0.125 2008.03.05 Trojan-Downloader.Win32.Tibs.wa[/B]
McAfee 5245 2008.03.05 -
[B]Microsoft 1.3301 2008.03.05 Trojan:Win32/Tibs.FS[/B]
NOD32v2 2924 2008.03.05 -
[B]Norman 5.80.02 2008.03.05 Tibs.gen136[/B]
Panda 9.0.0.4 2008.03.05 -
Prevx1 V2 2008.03.05 -
Rising 20.34.22.00 2008.03.05 -
Sophos 4.27.0 2008.03.05 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.05 -
TheHacker 6.2.92.233 2008.03.04 -
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.05 Trojan.Tibs.Gen!Pac.G
Webwasher-Gateway 6.6.2 2008.03.05 Worm.Zhelatin.Gen[/B][/CODE]
File size: 13450 bytes
MD5: d8eb97562b628c838eb4336f70c6c51c
SHA1: 8e63e57d7780754b90a476c99156a3ba74ed937d
PEiD: -
File avz00016.dta received 2008.03.05 20:54:37 (CET)
[CODE]AhnLab-V3 2008.3.4.0 2008.03.05 -
AntiVir 7.6.0.73 2008.03.05 -
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.05 -
AVG 7.5.0.516 2008.03.05 -
BitDefender 7.2 2008.03.05 -
CAT-QuickHeal 9.50 2008.03.05 -
ClamAV 0.92.1 2008.03.05 -
DrWeb 4.44.0.09170 2008.03.05 -
eSafe 7.0.15.0 2008.02.28 -
[B]eTrust-Vet 31.3.5590 2008.03.05 Win32/Pripecs!generic[/B]
Ewido 4.0 2008.03.05 -
FileAdvisor 1 2008.03.05 -
Fortinet 3.14.0.0 2008.03.05 -
[B]F-Prot 4.4.2.54 2008.03.04 W32/FakeAlert.E.gen!Eldorado[/B]
F-Secure 6.70.13260.0 2008.03.05 -
[B]Ikarus T3.1.1.20 2008.03.05 Virus.Win32.Agent.LTS[/B]
Kaspersky 7.0.0.125 2008.03.05 -
McAfee 5245 2008.03.05 -
Microsoft 1.3301 2008.03.05 -
NOD32v2 2923 2008.03.05 -
Norman 5.80.02 2008.03.05 -
Panda 9.0.0.4 2008.03.05 -
Prevx1 V2 2008.03.05 -
Rising 20.34.22.00 2008.03.05 -
Sophos 4.27.0 2008.03.05 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.05 -
TheHacker 6.2.92.233 2008.03.04 -
[B]VBA32 3.12.6.2 2008.03.05 suspected of Downloader.Zlob.7[/B]
VirusBuster 4.3.26:9 2008.03.05 -
Webwasher-Gateway 6.6.2 2008.03.05 -[/CODE]
File size: 266240 bytes
MD5: 81e82a1a255628b9454143403f45f302
SHA1: 44156be097de5dbfdb311cfae6ffb3406d99d61f
PEiD: -
-
AVZ flagged a suspected Brontok.
File avz00001.dta received 2008.03.07 08:57:12 (CET)
Result: [b]11/32[/b] (34.38%)
[code]Антивирус Версия Обновление Результат
[b]AhnLab-V3 2008.3.4.0 2008.03.07 Win32/Rontokbro.worm.81920[/b]
[b]AntiVir 7.6.0.73 2008.03.07 TR/Crypt.CFI.Gen[/b]
Authentium 4.93.8 2008.03.07 -
[b]Avast 4.7.1098.0 2008.03.06 Win32:Brontok[/b]
[b]AVG 7.5.0.516 2008.03.06 I-Worm/Brontok.A[/b]
[b]BitDefender 7.2 2008.03.07 Win32.Brontok.AP@mm[/b]
CAT-QuickHeal 9.50 2008.03.06 -
[b]ClamAV 0.92.1 2008.03.07 Worm.Brontok.B[/b]
DrWeb 4.44.0.09170 2008.03.07 -
eSafe 7.0.15.0 2008.03.06 -
eTrust-Vet 31.3.5593 2008.03.06 -
[b]Ewido 4.0 2008.03.06 Worm.Brontok.a[/b]
FileAdvisor 1 2008.03.07 -
Fortinet 3.14.0.0 2008.03.07 -
[b]F-Prot 4.4.2.54 2008.03.07 W32/Brontok.C.gen!Eldorado[/b]
F-Secure 6.70.13260.0 2008.03.07 -
[b]Ikarus T3.1.1.20 2008.03.07 Email-Worm.Win32.Brontok.N[/b]
Kaspersky 7.0.0.125 2008.03.07 -
McAfee 5246 2008.03.06 -
Microsoft 1.3301 2008.03.06 -
NOD32v2 2928 2008.03.06 -
Norman 5.80.02 2008.03.06 -
Panda 9.0.0.4 2008.03.06 -
Prevx1 V2 2008.03.07 -
[b]Rising 20.34.32.00 2008.03.06 Worm.Win32.Agent.yxh[/b]
Sophos 4.27.0 2008.03.07 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.07 -
TheHacker 6.2.92.235 2008.03.07 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.06 -
[b]Webwasher-Gateway 6.6.2 2008.03.07 Trojan.Crypt.CFI.Gen[/b][/code]
File size: 81920 bytes
MD5: 22ba17311630376b665361fdc93e9c52
SHA1: f6d27a594dff04a29f48dcab88573e9ec30d7a34
PEiD: -
P.S.
[code]Файл сохранён как 080307_022500_virusinfo_cure_47d0fbdc3e8be.zip
Размер файла 149162
MD5 e563f379b8b783b012b6cd4817fe31e5[/code]
P.P.S. Reply from the Dr.Web virus lab:
[quote]Your request has been analyzed. It was a corrupted file.[/quote]
Reply from the Kaspersky Lab virus lab:
[quote]csrss.exe_ - Email-Worm.Win32.Brontok.bp[/quote]
-
t=19369
ntos.exe
File avz00001.dta received 2008.03.07 20:10:39 (CET)
[CODE]AhnLab-V3 2008.3.4.0 2008.03.07 -
[B]AntiVir 7.6.0.73 2008.03.07 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.07 -
AVG 7.5.0.516 2008.03.07 -
[B]BitDefender 7.2 2008.03.07 Trojan.Loader.J[/B]
CAT-QuickHeal 9.50 2008.03.07 -
ClamAV 0.92.1 2008.03.07 -
DrWeb 4.44.0.09170 2008.03.07 -
eSafe 7.0.15.0 2008.03.06 -
eTrust-Vet 31.3.5595 2008.03.07 -
Ewido 4.0 2008.03.07 -
FileAdvisor 1 2008.03.07 -
Fortinet 3.14.0.0 2008.03.07 -
F-Prot 4.4.2.54 2008.03.07 -
[B]F-Secure 6.70.13260.0 2008.03.07 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.03.07 Trojan-Spy.Win32.Zbot.aft[/B]
Kaspersky 7.0.0.125 2008.03.07 -
McAfee 5247 2008.03.07 -
[B]Microsoft 1.3301 2008.03.07 TrojanDownloader:Win32/Agent
NOD32v2 2930 2008.03.07 Win32/Spy.Agent.NFJ[/B]
Norman 5.80.02 2008.03.07 -
[B]Panda 9.0.0.4 2008.03.06 Suspicious file[/B]
Prevx1 V2 2008.03.07 -
Rising 20.34.42.00 2008.03.07 -
Sophos 4.27.0 2008.03.07 -
Sunbelt 3.0.930.0 2008.03.05 -
TheHacker 6.2.92.236 2008.03.07 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.07 -
[B]Webwasher-Gateway 6.6.2 2008.03.07 Trojan.Crypt.XPACK.Gen[/B][/code]
base*.dll
File avz00004.dta received 2008.03.07 20:10:40 (CET)
[CODE]AhnLab-V3 2008.3.4.0 2008.03.07 -
[B]AntiVir 7.6.0.73 2008.03.07 HEUR/Crypted[/B]
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.07 -
AVG 7.5.0.516 2008.03.07 -
[B]BitDefender 7.2 2008.03.07 Trojan.Agent.AGKK[/B]
CAT-QuickHeal 9.50 2008.03.07 -
ClamAV 0.92.1 2008.03.07 -
DrWeb 4.44.0.09170 2008.03.07 -
eSafe 7.0.15.0 2008.03.06 -
eTrust-Vet 31.3.5595 2008.03.07 -
Ewido 4.0 2008.03.07 -
FileAdvisor 1 2008.03.07 -
Fortinet 3.14.0.0 2008.03.07 -
F-Prot 4.4.2.54 2008.03.07 -
F-Secure 6.70.13260.0 2008.03.07 -
Ikarus T3.1.1.20 2008.03.07 -
Kaspersky 7.0.0.125 2008.03.07 -
McAfee 5247 2008.03.07 -
Microsoft 1.3301 2008.03.07 -
NOD32v2 2930 2008.03.07 -
Norman 5.80.02 2008.03.07 -
[B]Panda 9.0.0.4 2008.03.06 Suspicious file
Prevx1 V2 2008.03.07 Generic.Malware[/B]
Rising 20.34.42.00 2008.03.07 -
Sophos 4.27.0 2008.03.07 -
Sunbelt 3.0.930.0 2008.03.05 -
TheHacker 6.2.92.236 2008.03.07 -
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.07 Trojan.DL.BServ.Gen
Webwasher-Gateway 6.6.2 2008.03.07 Heuristic.Crypted[/B][/CODE]
File size: 24576 bytes
MD5: 73d9aebc5d241ba04fc5ffbac27cc365
SHA1: ddd1ed6f52ea9181217d4084a3e504cd3c794bbb
PEiD: -
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=8AA4F30C0080419B60690057B8827A0054134F9C[/url]
-
File [B]Install_exe.vir[/B] received [B]2008.03.10 09:33:21 (CET)[/B]
Current status: Loading ... [B]finished[/B]
Result: [B][COLOR=red]11[/COLOR]/32 (34.38%)[/B]
[code]Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.4.0 2008.03.07 -
[B]AntiVir 7.6.0.73 2008.03.10 TR/Crypt.XDR.Gen[/B]
Authentium 4.93.8 2008.03.07 -
[B]Avast 4.7.1098.0 2008.03.09 Win32:LdPinch-BMA[/B]
AVG 7.5.0.516 2008.03.09 -
[B]BitDefender 7.2 2008.03.10 Trojan.Peed.Gen[/B]
[B]CAT-QuickHeal 9.50 2008.03.08 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.09 -
DrWeb 4.44.0.09170 2008.03.10 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.10 -
[B]Fortinet 3.14.0.0 2008.03.10 W32/LdPinch.FVA!tr.pws[/B]
F-Prot 4.4.2.54 2008.03.09 -
[B]F-Secure 6.70.13260.0 2008.03.10 Trojan-PSW.Win32.LdPinch.fva[/B]
[B]Ikarus T3.1.1.20 2008.03.10 Virus.Win32.LdPinch.BMA[/B]
[B]Kaspersky 7.0.0.125 2008.03.10 Trojan-PSW.Win32.LdPinch.fva[/B]
McAfee 5247 2008.03.07 -
Microsoft 1.3301 2008.03.07 -
NOD32v2 2933 2008.03.10 -
Norman 5.80.02 2008.03.07 -
[B]Panda 9.0.0.4 2008.03.09 Suspicious file[/B]
Prevx1 V2 2008.03.10 -
Rising 20.35.00.00 2008.03.10 -
Sophos 4.27.0 2008.03.10 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.10 -
TheHacker 6.2.92.239 2008.03.09 -
[B]VBA32 3.12.6.2 2008.03.05 MalwareScope.Trojan-PSW.Pinch.1[/B]
VirusBuster 4.3.26:9 2008.03.09 -
[B]Webwasher-Gateway 6.6.2 2008.03.10 Trojan.Crypt.XDR.Gen[/B]
[/code]
Additional information
File size: 44032 bytes
MD5: c43b2a91048e8bec446ae274077ff7e7
SHA1: d2831dc30541f06db92115fe3b9223edcf7a6808
PEiD: -
[size="1"][color="#666686"][B][I]Added after 24 minutes[/I][/B][/color][/size]
Pried it out with IceSword; couldn't manage it with any other tools.
File 001.001 received 2008.03.10 10:14:15 (CET)
Current status: finished
Result: [COLOR=red]8[/COLOR]/32 (25%)
[code]Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.4.0 2008.03.07 -
[B]AntiVir 7.6.0.73 2008.03.10 TR/Drop.Agent.NBG [/B]
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.09 -
[B]AVG 7.5.0.516 2008.03.09 BackDoor.Ntrootkit.AC [/B]
BitDefender 7.2 2008.03.10 -
CAT-QuickHeal 9.50 2008.03.08 -
ClamAV 0.92.1 2008.03.10 -
DrWeb 4.44.0.09170 2008.03.10 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.10 -
Fortinet 3.14.0.0 2008.03.10 -
F-Prot 4.4.2.54 2008.03.09 -
F-Secure 6.70.13260.0 2008.03.10 -
Ikarus T3.1.1.20 2008.03.10 -
Kaspersky 7.0.0.125 2008.03.10 -
McAfee 5247 2008.03.07 -
[B]Microsoft 1.3301 2008.03.07 VirTool:WinNT/Cutwail.F [/B]
[B]NOD32v2 2933 2008.03.10 probably a variant of Win32/Wigon [/B]
Norman 5.80.02 2008.03.07 -
Panda 9.0.0.4 2008.03.09 -
Prevx1 V2 2008.03.10 -
[B]Rising 20.35.00.00 2008.03.10 Trojan.Win32.Undef.dqm [/B]
[B]Sophos 4.27.0 2008.03.10 Mal/Generic-A [/B]
Sunbelt 3.0.930.0 2008.03.05 -
[B]Symantec 10 2008.03.10 Trojan.Pandex[/B]
TheHacker 6.2.92.239 2008.03.09 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.09 -
[B]Webwasher-Gateway 6.6.2 2008.03.10 Trojan.Drop.Agent.NBG[/B] [/code]
Additional information
File size: 26496 bytes
MD5: ad872a3dbeb7265cd3145292a4d8829c
SHA1: 950d2cee6d5f2159436d93ac8f50e7147c010cfe
PEiD: -
[size="1"][color="#666686"][B][I]Added after 5 minutes[/I][/B][/color][/size]
Nothing but suspicions..
File winfshs.exe received 2008.03.10 10:20:51 (CET)
Current status: finished
Result: 15/32 (46.88%)
[CODE]
Антивирус Версия Обновление Результат
[B]AhnLab-V3 2008.3.4.0 2008.03.07 Win-Trojan/Xema.274944.B
AntiVir 7.6.0.73 2008.03.10 APPL/Tool.EvID4226.A
[/B]Authentium 4.93.8 2008.03.07 -
[B]Avast 4.7.1098.0 2008.03.09 Win32:Trojan-gen {UPX}
[/B]AVG 7.5.0.516 2008.03.09 -
BitDefender 7.2 2008.03.10 -
CAT-QuickHeal 9.50 2008.03.08 -
ClamAV 0.92.1 2008.03.10 -
DrWeb 4.44.0.09170 2008.03.10 -
[B]eSafe 7.0.15.0 2008.03.09 suspicious Trojan/Worm
[/B]eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.10 -
[B]Fortinet 3.14.0.0 2008.03.10 HackerTool/Evid
[/B]F-Prot 4.4.2.54 2008.03.09 -
[B]F-Secure 6.70.13260.0 2008.03.10 W32/Malware.BNIW
[/B]Ikarus T3.1.1.20 2008.03.10 -
Kaspersky 7.0.0.125 2008.03.10 -
[B]McAfee 5247 2008.03.07 potentially unwanted program Tool-Evid
[/B]Microsoft 1.3301 2008.03.07 -
[B]NOD32v2 2933 2008.03.10 Win32/Tool.EvID4226
Norman 5.80.02 2008.03.07 W32/Malware.BNIW
Panda 9.0.0.4 2008.03.09 Suspicious file
Prevx1 V2 2008.03.10 Win32.Malware.gen
[/B]Rising 20.35.00.00 2008.03.10 -
[B]Sophos 4.27.0 2008.03.10 EvID4226 Installer
[/B]Sunbelt 3.0.930.0 2008.03.05 -
[B]Symantec 10 2008.03.10 Backdoor.Trojan
[/B]TheHacker 6.2.92.239 2008.03.09 -
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.09 RiskWare.DR.TCPIPPatcher.B
Webwasher-Gateway 6.6.2 2008.03.10 Riskware.Tool.EvID4226.A
[/B][/CODE]
Additional information
File size: 45568 bytes
MD5: a5e346828cd93262e9a9b4b874f29b89
SHA1: 4c1ba5e828f99edafcf5130e81020f09919d7fd4
PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [URL]http://info.prevx.com/aboutprogramtext.asp?PX5=9AAF1B3400D51C18B205004A83DE0100A3785025[/URL]
-
[url]http://www.virustotal.com/analisis/8121566d4488e6f0561d02154468bea9[/url]
[CODE]AhnLab-V3 2008.3.4.0 2008.03.10 -
AntiVir 7.6.0.73 2008.03.10 -
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.09 -
AVG 7.5.0.516 2008.03.09 -
BitDefender 7.2 2008.03.10 -
[B]CAT-QuickHeal 9.50 2008.03.08 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.03.10 PUA.Packed.UPack-2
eSafe 7.0.15.0 2008.03.09 Suspicious File [/B]
eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.10 -
Fortinet 3.14.0.0 2008.03.10 -
[B]F-Prot 4.4.2.54 2008.03.09 W32/Heuristic-162!Eldorado [/B]
F-Secure 6.70.13260.0 2008.03.10 -
[B]Ikarus T3.1.1.20 2008.03.10 Trojan-Downloader.Win32.Zlob.and [/B]
Kaspersky 7.0.0.125 2008.03.10 -
McAfee 5247 2008.03.07 -
Microsoft 1.3301 2008.03.07 -
NOD32v2 2934 2008.03.10 -
Norman 5.80.02 2008.03.07 -
[B]Panda 9.0.0.4 2008.03.09 Suspicious file [/B]
Prevx1 V2 2008.03.10 -
Rising 20.35.02.00 2008.03.10 -
[B]Sophos 4.27.0 2008.03.10 Mal/Packer
Sunbelt 3.0.930.0 2008.03.05 VIPRE.Suspicious [/B]
Symantec 10 2008.03.10 -
[B]TheHacker 6.2.92.239 2008.03.09 W32/Behav-Heuristic-060 [/B]
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.09 Packed/Upack [/B]
[B]Webwasher-Gateway 6.6.2 2008.03.10 Win32.Malware.gen (suspicious)[/B] [/CODE]
[url]http://www.virustotal.com/analisis/b035642ed15bf28dbfdaf9e760f8ff38[/url]
[CODE]AhnLab-V3 2008.3.4.0 2008.03.10 -
AntiVir 7.6.0.73 2008.03.10 -
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.09 -
AVG 7.5.0.516 2008.03.09 -
BitDefender 7.2 2008.03.10 -
[B]CAT-QuickHeal 9.50 2008.03.08 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.03.10 PUA.Packed.UPack-2 [/B]
DrWeb 4.44.0.09170 2008.03.10 -
eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.10 -
Fortinet 3.14.0.0 2008.03.10 -
[B]F-Prot 4.4.2.54 2008.03.09 W32/Heuristic-162!Eldorado[/B]
F-Secure 6.70.13260.0 2008.03.10 -
Ikarus T3.1.1.20 2008.03.10 -
Kaspersky 7.0.0.125 2008.03.10 -
[B]McAfee 5247 2008.03.07 New Malware.aj [/B]
Microsoft 1.3301 2008.03.07 -
NOD32v2 2934 2008.03.10 -
Norman 5.80.02 2008.03.07 -
[B]Panda 9.0.0.4 2008.03.09 Suspicious file [/B]
Prevx1 V2 2008.03.10 -
Rising 20.35.02.00 2008.03.10 -
[B]Sophos 4.27.0 2008.03.10 Mal/Heuri-D
Sunbelt 3.0.930.0 2008.03.05 VIPRE.Suspicious [/B]
Symantec 10 2008.03.10 -
[B]TheHacker 6.2.92.239 2008.03.09 W32/Behav-Heuristic-060 [/B]
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.09 Packed/Upack
Webwasher-Gateway 6.6.2 2008.03.10 Win32.Malware.gen (suspicious)[/B][/CODE]
-
setupapi.dll in the IE folder
File avz00001.dta received 2008.03.12 00:16:40 (CET)
Current status: finished
Result: 7/32 (21.88%)
[CODE]
Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.12.0 2008.03.11 -
[B]AntiVir 7.6.0.73 2008.03.11 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2008.03.11 -
[B]Avast 4.7.1098.0 2008.03.11 Win32:Trojan-gen {Other}
AVG 7.5.0.516 2008.03.11 Dropper.Delf.ABC[/B]
BitDefender 7.2 2008.03.11 -
CAT-QuickHeal 9.50 2008.03.10 -
ClamAV 0.92.1 2008.03.11 -
[B]DrWeb 4.44.0.09170 2008.03.11 Trojan.Proxy.2240[/B]
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5607 2008.03.11 -
[B]Ewido 4.0 2008.03.11 Downloader.Small.fah [/B]
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.11 -
F-Prot 4.4.2.54 2008.03.11 -
F-Secure 6.70.13260.0 2008.03.11 -
Ikarus T3.1.1.20 2008.03.11 -
Kaspersky 7.0.0.125 2008.03.11 -
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.10 -
NOD32v2 2938 2008.03.11 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.11 -
Prevx1 V2 2008.03.12 -
Rising 20.35.12.00 2008.03.11 -
Sophos 4.27.0 2008.03.11 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.11 -
TheHacker 6.2.92.241 2008.03.11 -
[B]VBA32 3.12.6.2 2008.03.05 Trojan-Downloader.Win32.Agent.fny[/B]
VirusBuster 4.3.26:9 2008.03.11 -
[B]Webwasher-Gateway 6.6.2 2008.03.11 Trojan.Crypt.XPACK.Gen[/B] [/CODE]
Additional information
File size: 22016 bytes
MD5: 27da7393c655677b7ee8348f35a759c0
SHA1: 8b7ad74791defa90c69c677c97d09c62f7b3942c
PEiD: -
-
[CODE]Антивирус Версия Обновление Результат
AhnLab-V3 2008.3.12.0 2008.03.12 -
AntiVir 7.6.0.73 2008.03.12 -
Authentium 4.93.8 2008.03.11 -
Avast 4.7.1098.0 2008.03.11 -
AVG 7.5.0.516 2008.03.12 -
BitDefender 7.2 2008.03.12 -
[B]CAT-QuickHeal 9.50 2008.03.10 (Suspicious) - DNAScan[/B]
ClamAV 0.92.1 2008.03.12 -
DrWeb 4.44.0.09170 2008.03.12 -
[B]eSafe 7.0.15.0 2008.03.09 Suspicious File[/B]
eTrust-Vet 31.3.5608 2008.03.12 -
Ewido 4.0 2008.03.12 -
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.12 -
F-Prot 4.4.2.54 2008.03.11 -
[B]F-Secure 6.70.13260.0 2008.03.12 Trojan-Downloader.Win32.Agent.lbg[/B]
Ikarus T3.1.1.20 2008.03.12 -
[B]Kaspersky 7.0.0.125 2008.03.12 Trojan-Downloader.Win32.Agent.lbg[/B]
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.12 -
NOD32v2 2941 2008.03.12 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.12 -
Prevx1 V2 2008.03.12 -
Rising 20.35.22.00 2008.03.12 -
Sophos 4.27.0 2008.03.12 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.12 -
TheHacker 6.2.92.243 2008.03.12 -
VBA32 3.12.6.2 2008.03.05 -
[B]VirusBuster 4.3.26:9 2008.03.12 Trojan.DL.Zlob.Gen!Pac.46[/B]
Webwasher-Gateway 6.6.2 2008.03.12 -
Дополнительная информация
File size: 62976 bytes
MD5: 44626092824a48ab50c3f7fb9fccfa69
SHA1: d0c908703cf0d039dcdf0f13219c812cf0483881[/CODE]