�� esetnod32.ru [��: win32/Dorkbot.B]

win32/Dorkbot.B

Thu, 22 Dec 2011 06:10:28 +0400

win32/Dorkbot.B � �� .
�� ,
22.12.2011 06:10:28, santy.

win32/Dorkbot.B

Thu, 22 Dec 2011 05:45:12 +0400

win32/Dorkbot.B � �� .
� ��, ��, ��?
22.12.2011 05:45:12, anasta_sia.

win32/Dorkbot.B

Wed, 21 Dec 2011 20:49:23 +0400

win32/Dorkbot.B � �� .
anasta_sia,
�� ,
��
http://forum.esetnod32.ru/forum9/topic751/
21.12.2011 20:49:23, santy.

win32/Dorkbot.B

Wed, 21 Dec 2011 20:41:09 +0400

win32/Dorkbot.B � �� .
�� !
21.12.2011 20:41:09, anasta_sia.

win32/Dorkbot.B

Wed, 21 Dec 2011 03:13:17 +0400

win32/Dorkbot.B � �� .
�� . ��
21.12.2011 03:13:17, ��.

win32/Dorkbot.B

Wed, 21 Dec 2011 02:54:58 +0400

win32/Dorkbot.B � �� .
��

Malware �� ?
eScan ��, �� Nod �� .
mbam-log-2011-12-21 (01-48-39).txt
21.12.2011 02:54:58, anasta_sia.

win32/Dorkbot.B

Wed, 21 Dec 2011 02:24:59 +0400

win32/Dorkbot.B � �� .
�� . ��
21.12.2011 02:24:59, ��.

win32/Dorkbot.B

Wed, 21 Dec 2011 01:48:21 +0400

win32/Dorkbot.B � �� .

====quote====
santy ��:
eScan Internet Security � �� ? �� : ��, ��, ��? �� ESET NOD32.
=============

�� , �� . �� .

�� , ��, �� , �� (
mbam-log-2011-12-21 (00-44-33).txt
21.12.2011 01:48:21, anasta_sia.

win32/Dorkbot.B

Mon, 19 Dec 2011 05:39:20 +0400

win32/Dorkbot.B � �� .
eScan Internet Security � �� ? �� : ��, ��, ��? �� ESET NOD32.
19.12.2011 05:39:20, santy.

win32/Dorkbot.B

Sun, 18 Dec 2011 20:41:48 +0400

win32/Dorkbot.B � �� .
�� uVS �� , �� �� - �� 
�� :
�� , �� !
====code====

;uVS v3.73 script [http://dsrt.dyndns.org]

; D:\DOCUMENTS AND SETTINGS\DEFAULT USER\RARSFX2\BARSETUP.EXE
addsgn 9252775A116AC1CC0B84554E334BDFFACE9A6C66196A8FE80FC583345791709756104849BDBB6158F0F26927471649FA7C049D75DEC433C2D1667F3E0707F900 16 Trojan/Downloader.AutoIt.e [TheHacker]

zoo %SystemDrive%\DOCUMENTS AND SETTINGS\DEFAULT USER\RARSFX2\BARSETUP.EXE
delall %SystemDrive%\DOCUMENTS AND SETTINGS\DEFAULT USER\RARSFX2\BARSETUP.EXE
regt 1
regt 2
regt 3
regt 13
regt 12
regt 18
regt 17
deltmp
delnfr
czoo
restart

=============
� �� ��. �� .
� �� UVS �� \�� (�� ) - �� sendvirus2011@gmail.com
� �� Malwarebytes
18.12.2011 20:41:48, ��.

win32/Dorkbot.B

Sun, 18 Dec 2011 20:34:26 +0400

win32/Dorkbot.B � �� .
� �� .

�� , �� !

��
MICROSOF-C415FB_2011-12-18_18-55-54.rar
18.12.2011 20:34:26, anasta_sia.

win32/Dorkbot.B

Sat, 17 Dec 2011 00:25:42 +0400

win32/Dorkbot.B � �� .
��
17.12.2011 00:25:42, ��.

win32/Dorkbot.B

Sat, 17 Dec 2011 00:11:01 +0400

win32/Dorkbot.B � �� .
�� , �� . �� , �� . �� , �� Nod32 � �� . ��, �� ?

��: �� , �� , �� -�� )
17.12.2011 00:11:01, anasta_sia.

win32/Dorkbot.B

Fri, 16 Dec 2011 22:53:34 +0400

win32/Dorkbot.B � �� .
��
�� uVS �� , �� �� - �� 
�� :
�� , �� !
====code====

;uVS v3.73 script [http://dsrt.dyndns.org]

; D:\DOCUMENTS AND SETTINGS\ADMIN\START MENU\PROGRAMS\STARTUP\STEPX2.EXE
addsgn 1A0F8965AA598C225B84FE59DAE31205E6DCAB7DF5DE13F374480A356E3EA1EBDCE84A1136DCCB45A00798934616C0BC6D8063B40B18B42CA6B62F274C563248 16 Vir
; D:\DOCUMENTS AND SETTINGS\ADMIN\START MENU\PROGRAMS\STARTUP\TASKMGRSX.EXE
addsgn A7679BF0AA02DCE24AD4C651E8891261848AFCF689AA7BF1A0C3C5BC50559D24704194DE5BBDAE92A2DD78F544E95CD6ED9EE82BD6D764906C775BACCADE9E32 32 AutoRun.Injector
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\START MENU\PROGRAMS\STARTUP\TASKMGRSX.EXE
bl 3D0FB1FAB61BE9B7E7ADF51ED08558E0 360448
bl 0764BEF5D967DCE3784E18D204BB90E6 348530
delall %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\START MENU\PROGRAMS\STARTUP\STEPX2.EXE
delall %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\START MENU\PROGRAMS\STARTUP\TASKMGRSX.EXE
; D:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\8.EXE
addsgn A7679BF0AA023C124BD4C6B135881261848AFCF689AA7BF1A0C3C5BC50559D24704194DE5BBDAE92A2DD78F544E95CB61D9FE82BD6D744586D775BACCAFE5633 16 AutoRun.Injector
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\8.EXE
; D:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\9.EXE
addsgn A7679BF0AA02CCC24AD4C671C1891261848AFCF689AA7BF1A0C3C5BC50559D24704194DE5BBDAE92A2DD78F544E95CD2CD9EE82BD6D714CC6C775BACCAAEC232 16 AutoRun.Injector
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\9.EXE
; D:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\XKLGLD.EXE
addsgn A7679BF0AA021C074DD4C659268C1261848AFCF689AA7BF1A0C3C5BC50559D6C704194DE5BBD1E2CD780EE9EB903D5E83BDFB1F158D201642D882722CBB76A73 32 BitCoinMiner
; D:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\REGSRV64.EXE
addsgn 9A3C62DA5582BC8DF42BAEB164C81205158AFCF6B1FA1F7885C3C5BC8293EF5BBC08251EAFEEEF2A8BD16FAE461649FA7DDFE97255DA9809045AD207A3695612 16 Trojan-Downloader
; D:\WINDOWS\TEMP\X30811.EXE
zoo %SystemRoot%\TEMP\X30811.EXE
delall %SystemRoot%\TEMP\X30811.EXE
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\REGSRV64.EXE
delref %SystemDrive%\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\MJLGLS.EXE
chklst
delvir
delref HTTP://WWW.MAIL.RU/CNT/5087
regt 2
regt 3
regt 1
regt 13
regt 14
regt 12
regt 18
regt 17
czoo
deltmp
delnfr
restart

=============
� �� ��. �� .
� �� UVS �� \�� - �� sendvirus2011@gmail.com
�� Malwarebytes � ��
16.12.2011 22:53:34, ��.

win32/Dorkbot.B

Fri, 16 Dec 2011 22:33:27 +0400

win32/Dorkbot.B � �� .
��, �� 15 �� .
16.12.2011 22:33:27, anasta_sia.

win32/Dorkbot.B

Fri, 16 Dec 2011 22:29:05 +0400

win32/Dorkbot.B � �� .
� �� , �� . �� , �� , �� !
MICROSOF-C415FB_2011-12-16_20-54-00.rar
16.12.2011 22:29:05, anasta_sia.

����� esetnod32.ru [����: win32/Dorkbot.B]

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

win32/Dorkbot.B

�� esetnod32.ru [��: win32/Dorkbot.B]