Цитата:
Тут бабка надвое сказала...[more=Пример]Здравствуйте,
123.exe - Trojan-PSW.Win32.LdPinch.apf,
Builder.exe - VirTool.Win32.LdPinch.i,
Builder.exe - Trojan-PSW.Win32.LdPinch.ang,
Crypt.exe - Trojan-PSW.Win32.LdPinch.uo,
Hooker.dll - Trojan-PSW.Win32.LdPinch.om,
Parser2.exe, Parser2.exe, Parser2.exe, Parser2.exe - VirTool.Win32.LdPinch.o,
Pinch Builder (mail).exe, pinch3 Builder.exe - Trojan-PSW.Win32.LdPinch.beo,
Pinch Builder (gate).exe, Pinch 3 Builder (gate).exe - Trojan-PSW.Win32.LdPinch.bjx,
SBILDER.EXE - Trojan-PSW.Win32.LdPinch.cds,
editor.exe - Constructor.Win32.Agent.an,
Pinch.exe - Trojan-PSW.Win32.LdPinch.cal,
ParserX.exe, ParserX.exe - Trojan-PSW.Win32.PdPinch.bn,
Xinch.exe - Trojan-PSW.Win32.LdPinch.sh,
Hooker.dll, Hooker.dll - Trojan-PSW.Win32.LdPinch.adu,
Crypt.exe, Crypt.exe - VirTool.Win32.LdPinch.l,
xfile.exe - Trojan-PSW.Win32.LdPinch.agy
Эти файлы определяются антивирусом. Обновите антивирусные базы.
PRO-HACK.RU.txt, readme.txt, CVTRES.EXE, cw3220mt.dll, EncodeToDb.exe, FSG.exe, FSG.INI, LINK.EXE, mew11.exe, ML.EXE, MSPDB50.DLL, msvcr80.dll, rc.exe, rcdll.dll, upx.exe, advapi32.inc, aplib.inc, gdi32.inc, kernel32.inc, masm32.inc, oaidl.inc, ole32.inc, oleaut32.inc, Pinch.Inc, rasapi32.inc, shell32.inc, shlwapi.inc, urlmon.inc, user32.inc, WINDOWS.INC, wininet.inc, ws2_32.inc, wsock32.inc, ADVAPI32.LIB, aplib.lib, gdi32.lib, KERNEL32.LIB, MASM32.lib, ntdll.lib, OLE32.LIB, OLEAUT32.LIB, RASAPI32.LIB, S1hell32.Lib, Shell32.Lib, shlwapi.lib, urlmon.lib, USER32.LIB, wininet.lib, ws2_32.lib, WSOCK32.LIB, actaftertime.asm, attach.asm, bypasFW.asm, checksize.asm, Console.asm, DLLautorun.asm, down.asm, Findfile.asm, GetCommand.asm, GetCoаmmand.asm, HYWK.asm, iegrab.asm, KeyLog.asm, killproc.asm, phpnotify.asm, Proxy.asm, screencap.asm, SelfDelete.asm, Service.asm, socks.asm, StopSVC.asm, TrojLayer.asm, tz.asm, Upd.asm, Xor.asm, Adler32.asm, KeyLog.asm, keylog.bat, KeyLog.def, analftp.inc, Commands.asm, CProcs.asm, DTPCommands.asm, DTPConnections.asm, ftp.asm, Autorun.inc, cap.inc, cap2.inc, cvs.inc, favorits.inc, Hooker.inc, ieh.inc, proc.inc, sites.inc, svc.inc, Bot.asm, httpd.asm, install.asm, irc.asm, procedures.asm, scanner.asm, shell.asm, socks4.asm, threads.asm, FILE.asm, HTTP.asm, SMTP.asm, &RQ.asm, 99b-2002a.asm, Becky.asm, CuteFTP.asm, EDialer.asm, FAR.asm, ICQ2003.asm, Miranda.asm, Mozilla.asm, Opera.asm, Pack.asm, PStorage.asm, RAS.asm, SysInf.asm, SysInfo.asm, TheBat.asm, Trillian.asm, WS_FTP.asm, WTC.asm, CPL.asm, CplStub.inc, DNS.asm, EmailScanner.asm, HDDScanner.asm, mf.inc, Network.asm, PassGen.asm, SMTPMessage.asm, StartUp.asm, Stream.asm, Utils.asm, ZIP.asm, Autorun.asm, Autorun.def, build.bat, dll.asm, err.txt, Options.inc, Pinch.Asm, rsrc.rc, SEH.asm, undelete.asm, utils.asm, Копия Pinch.Asm, ConfVer.ini, proc.ini, setup.ini, ConfVer.ini, setup.ini, mail.php, CVTRES.EXE, cw3220mt.dll, EncodeToDb.exe, FSG.exe, FSG.INI, LINK.EXE, mew11.exe, ML.EXE, 
MSPDB50.DLL, msvcr80.dll, rc.exe, rcdll.dll, upx.exe, advapi32.inc, aplib.inc, gdi32.inc, kernel32.inc, masm32.inc, oaidl.inc, ole32.inc, oleaut32.inc, Pinch.Inc, rasapi32.inc, shell32.inc, shlwapi.inc, urlmon.inc, user32.inc, WINDOWS.INC, wininet.inc, ws2_32.inc, wsock32.inc, ADVAPI32.LIB, aplib.lib, gdi32.lib, KERNEL32.LIB, MASM32.lib, ntdll.lib, OLE32.LIB, OLEAUT32.LIB, RASAPI32.LIB, S1hell32.Lib, Shell32.Lib, shlwapi.lib, urlmon.lib, USER32.LIB, wininet.lib, ws2_32.lib, WSOCK32.LIB, actaftertime.asm, attach.asm, bypasFW.asm, checksize.asm, Console.asm, DLLautorun.asm, down.asm, Findfile.asm, GetCommand.asm, GetCoаmmand.asm, HYWK.asm, iegrab.asm, KeyLog.asm, killproc.asm, phpnotify.asm, Proxy.asm, screencap.asm, SelfDelete.asm, Service.asm, socks.asm, StopSVC.asm, TrojLayer.asm, tz.asm, Upd.asm, Xor.asm, Adler32.asm, KeyLog.asm, keylog.bat, KeyLog.def, analftp.inc, Commands.asm, CProcs.asm, DTPCommands.asm, DTPConnections.asm, ftp.asm, Autorun.inc, cap.inc, cap2.inc, cvs.inc, favorits.inc, Hooker.inc, ieh.inc, proc.inc, sites.inc, svc.inc, Bot.asm, httpd.asm, install.asm, irc.asm, procedures.asm, scanner.asm, shell.asm, socks4.asm, threads.asm, FILE.asm, HTTP.asm, SMTP.asm, &RQ.asm, 99b-2002a.asm, Becky.asm, CuteFTP.asm, EDialer.asm, FAR.asm, ICQ2003.asm, Miranda.asm, Mozilla.asm, Opera.asm, Pack.asm, PStorage.asm, RAS.asm, SysInf.asm, SysInfo.asm, TheBat.asm, Trillian.asm, WS_FTP.asm, WTC.asm, CPL.asm, CplStub.asm, CplStub.inc, DNS.asm, EmailScanner.asm, HashTable.asm, HDDScanner.asm, HTA.asm, mf.inc, Network.asm, PassGen.asm, PEInfector.asm, PVG.asm, SMTPClient.asm, SMTPMessage.asm, SMTPThread.asm, StartUp.asm, Stream.asm, Utils.asm, VBS.asm, ZIP.asm, Autorun.asm, Autorun.def, build.bat, dll.asm, err.txt, Options.inc, Pinch.Asm, rsrc.rc, SEH.asm, undelete.asm, utils.asm, Копия Pinch.Asm, ConfVer.ini, proc.ini, setup.ini, ConfVer.ini, setup.ini, lzma.exe, PEC2.exe, pec2codec_aplib.dll, pec2codec_brieflz.dll, pec2codec_copy.dll, pec2codec_crc32.dll, 
pec2codec_ffce.dll, pec2codec_inv.dll, pec2codec_jcalg1.dll, pec2codec_lzma.dll, pec2codec_messagebox.dll, pec2codec_password.dll, pec2ldr_default.dll, filelist.php, gate.php, ReadMe.txt, lzma.exe, PEC2.exe, pec2codec_aplib.dll, pec2codec_brieflz.dll, pec2codec_copy.dll, pec2codec_crc32.dll, pec2codec_ffce.dll, pec2codec_inv.dll, pec2codec_jcalg1.dll, pec2codec_lzma.dll, pec2codec_messagebox.dll, pec2codec_password.dll, pec2ldr_default.dll, filelist.php, gate.php, ReadMe.txt, lzma.exe, PEC2.exe, pec2codec_aplib.dll, pec2codec_brieflz.dll, pec2codec_copy.dll, pec2codec_crc32.dll, pec2codec_ffce.dll, pec2codec_inv.dll, pec2codec_jcalg1.dll, pec2codec_lzma.dll, pec2codec_lzma2.dll, pec2codec_messagebox.dll, pec2codec_password.dll, pec2ldr_default.dll, gate.php, lzma.exe, PEC2.exe, pec2codec_aplib.dll, pec2codec_brieflz.dll, pec2codec_copy.dll, pec2codec_crc32.dll, pec2codec_ffce.dll, pec2codec_inv.dll, pec2codec_jcalg1.dll, pec2codec_lzma.dll, pec2codec_lzma2.dll, pec2codec_messagebox.dll, pec2codec_password.dll, pec2ldr_default.dll, lzma.dll, spack.exe, pinch.html, pinch.php, pinch.sql, readme.txt, Project1.exe, BuilderX.exe, log.txt, mail.php, ocm15.bin, randhtml.cgi, reg.key, [1].DS_Store, db.dat, db.idx, base.eml, inbase.php, infile.php, infile2.php, mail.php, mail2.php, ReadMe.txt, telnet.exe, dll.rar, Xinch.Asm, Autorun.inc, DLLautorun.asm, runnormal.asm, Service.asm, analftp.inc, Bot.asm, Commands.asm, Console.asm, CProcs.asm, DTPCommands.asm, DTPConnections.asm, ftp.asm, httpd.asm, install.asm, irc.asm, procedures.asm, scanner.asm, shell.asm, socks4.asm, threads.asm, brcc32.exe, CVTRES.EXE, cw3220mt.dll, EncodeToDb.exe, LINK.EXE, ML.ERR, ML.EXE, MSPDB50.DLL, msvcr80.dll, rc.exe, rcdll.dll, Adler32.asm, KeyLog.asm, keylog.bat, KeyLog.def, HYWK.asm, iegrab.asm, ieh.inc, screencap.asm, actaftertime.asm, attach.asm, DelSysFile.asm, downloader.asm, downloader2.asm, Hooker.inc, KeyLog.asm, Reboot.asm, SEH.asm, SelfDelete.asm, UnderFW.asm, Upd.asm, favorits.asm, 
hosts.asm, sites.asm, advapi32.inc, aplib.inc, gdi32.inc, kernel32.inc, masm32.inc, oaidl.inc, ole32.inc, oleaut32.inc, rasapi32.inc, shell32.inc, shlwapi.inc, urlmon.inc, user32.inc, WINDOWS.INC, wininet.inc, ws2_32.inc, wsock32.inc, Xinch.Inc, delautor.asm, killproc.asm, proc.inc, stopService.asm, svc.inc, ADVAPI32.LIB, aplib.lib, gdi32.lib, KERNEL32.LIB, masm32.lib, ntdll.lib, OLE32.LIB, OLEAUT32.LIB, RASAPI32.LIB, S1hell32.Lib, SHELL32.LIB, shlwapi.lib, urlmon.lib, USER32.LIB, wininet.lib, ws2_32.lib, WSOCK32.LIB, GetCommand.asm, phpnotify.asm, Proxy.asm, socks.asm, FSG1.EXE, FSG2.EXE, mew11.exe, UPX.EXE, &RQ.asm, 99b-2002a.asm, Becky.asm, checksize.asm, CuteFTP.asm, EDialer.asm, FAR.asm, ICQ2003.asm, Miranda.asm, Mozilla.asm, Opera.asm, Pack.asm, PStorage.asm, RAS.asm, SysInf.asm, SysInfo.asm, TheBat.asm, Trillian.asm, WS_FTP.asm, WTC.asm, Xor.asm, FILE.asm, HTTP.asm, SMTP.asm, Project1.exe, BuilderX.exe, License.txt, log.txt, ocm15.bin, randhtml.cgi, reg.key, status.txt, Versions.doc, [1].DS_Store, db.dat, db.idx, base.eml, inbase.php, infile.php, infile2.php, mail.php, mail2.php, ReadMe.txt, telnet.exe, dll.rar, Xinch.Asm, Autorun.inc, DLLautorun.asm, runnormal.asm, Service.asm, analftp.inc, Bot.asm, Commands.asm, Console.asm, CProcs.asm, DTPCommands.asm, DTPConnections.asm, ftp.asm, httpd.asm, install.asm, irc.asm, procedures.asm, scanner.asm, shell.asm, socks4.asm, threads.asm, brcc32.exe, CVTRES.EXE, cw3220mt.dll, EncodeToDb.exe, LINK.EXE, ML.ERR, ML.EXE, MSPDB50.DLL, msvcr80.dll, rc.exe, rcdll.dll, Adler32.asm, KeyLog.asm, keylog.bat, KeyLog.def, HYWK.asm, iegrab.asm, ieh.inc, screencap.asm, actaftertime.asm, attach.asm, DelSysFile.asm, downloader.asm, downloader2.asm, Hooker.inc, KeyLog.asm, Reboot.asm, SEH.asm, SelfDelete.asm, UnderFW.asm, Upd.asm, favorits.asm, hosts.asm, sites.asm, advapi32.inc, aplib.inc, gdi32.inc, kernel32.inc, masm32.inc, oaidl.inc, ole32.inc, oleaut32.inc, rasapi32.inc, shell32.inc, shlwapi.inc, urlmon.inc, user32.inc, 
WINDOWS.INC, wininet.inc, ws2_32.inc, wsock32.inc, Xinch.Inc, delautor.asm, killproc.asm, proc.inc, stopService.asm, svc.inc, ADVAPI32.LIB, aplib.lib, gdi32.lib, KERNEL32.LIB, masm32.lib, ntdll.lib, OLE32.LIB, OLEAUT32.LIB, RASAPI32.LIB, S1hell32.Lib, SHELL32.LIB, shlwapi.lib, urlmon.lib, USER32.LIB, wininet.lib, ws2_32.lib, WSOCK32.LIB, GetCommand.asm, phpnotify.asm, Proxy.asm, socks.asm, FSG1.EXE, FSG2.EXE, mew11.exe, UPX.EXE, &RQ.asm, 99b-2002a.asm, Becky.asm, checksize.asm, CuteFTP.asm, EDialer.asm, FAR.asm, ICQ2003.asm, Miranda.asm, Mozilla.asm, Opera.asm, Pack.asm, PStorage.asm, RAS.asm, SysInf.asm, SysInfo.asm, TheBat.asm, Trillian.asm, WS_FTP.asm, WTC.asm, Xor.asm, FILE.asm, HTTP.asm, SMTP.asm
Вредоносный код в файлах не обнаружен.
favorits.ini, hosts.ini, keys.ini, mf.ini, proc.ini, sites.ini, svc.ini, favorits.ini, hosts.ini, keys.ini, mf.ini, proc.ini, sites.ini, svc.ini, index.php, index.php, index.php, index.php, .ico, .ico
Файлы нулевой длины.
Parser2.exe - VirTool.Win32.LdPinch.r
Детектирование файла будет добавлено в следующее обновление.[/more]Почти всё...