daily something......

[MysteryFCM]

I'd be surprised if they weren't all Est ......... "cleaning up" my arse .....

[SysAdMini]

Detection is rubbish (3/36)

Report from Anubis :

http://anubis.iseclab.org/result.php?taskid=a2867294c98294b4c5be525712d4473a&refresh=1

IAInstall.exe downloads

Code: [Select]

hxxp://ia-install.com/download/InternetAntivirus.exe
http://www.virustotal.com/de/analisis/612efcc0065c050fb49876f6a82f476b

[sowhat-x]

you'll start seeing patterns ---> system_.php,move.html,r.html and several others.

That's why I said... 

"Whatever the case,all of the following are open dirs,
so you can examine directories/scripts contained there at will..."

And there's even more crap planted there per occasion except from the above patterns,
but I didn't had the patience to try following them over...

go-scan-pc.com
scan-ia.com

= ESTDOMAINS

KOKACH !!

(UPolyX v0.5 packed according to UE);

At least at a first glance,it seems to be a home-made protection,but I may be wrong on this...
it's been years since I had checked UPolyX...maybe I should so again 

[lanvin]

Code: [Select]

http://stat.antivirusxp08.net/download/AntivirusXP2008Installer.exe
http://fwt.txdnl.com/4-10/j/a/jacklinda1/videos2008.exe
http://fwt.txdnl.com/5-10/v/i/videoshowww/You_tube_play.exe
http://fwt.txdnl.com/6-10/d/o/downloadflash/svchostss.exe
http://fwt.txdnl.com/6-30/p/h/phongcan/girlvietvip.jpg


[sowhat-x]

I agree,the thread here has already got messy...and it's my fault.
I'll edit/move the haitou.php links I've posted in a new thread...

[lanvin]

nice discussion

[sowhat-x]

Lol! 

[SysAdMini]

nice discussion

I'm sorry. This was your thread. We have messed it up.

[CM_MWR]

Blame it on TJS 

[tjs]

lol

[lanvin]

Code: [Select]

http://www.mastercrew.xpg.com.br/CPF.jpg    5.4M
http://dd7.tesekl.info/net.exe
http://trabalho01.pisem.su/imglog.jpg    2.7M
http://greg-search.com/G7/control.exe
http://novotempo01.sites.uol.com.br/nega.jpg 
http://gsnet.front.ru/gm.exe

[JohnC]

Thank you.

[lanvin]

nice discussion

I'm sorry. This was your thread. We have messed it up.

That's ok:)
Glad to see your discussion

[lanvin]

Code: [Select]

http://bestantivirusscan.com/2009/download/trial/A9installer_880221.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880658.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880154.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880221.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880658.exe
http://ia-scanonline.com/download/IAInstall.exe

[lanvin]

Code: [Select]

http://enu.v6.update.cab.en.winupdate.com.updatescabensrv70.cn/setup.exe
https://s.aolcdn.com/art/aimindia/aol_india_messenger_6.5.16.2.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_880595.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_77040502.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_880113.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_880181.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_880056.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_77013615.exe
http://onlineprivatescan.com/2009/download/trial/A9installer_77040506.exe
http://fullantivirusscan.com/2009/download/trial/A9installer_880221.exe
http://fullantivirusscan.com/2009/download/trial/A9installer_77071503.exe
http://www.acespy.com/dls/acespy.exe
http://secureclick1.com/2009/download/trial/A9installer_880285.exe
http://secureclick1.com/2009/download/trial/A9installer_880293.exe
http://secureclick1.com/2009/download/trial/A9installer_880488.exe
http://secureclick1.com/2009/download/trial/A9installer_880135.exe
http://secureclick1.com/2009/download/trial/A9installer_880551.exe
http://secureclick1.com/2009/download/trial/A9installer_880705.exe
http://secureclick1.com/2009/download/trial/A9installer_880221.exe
http://ia-scanonline.com/download/IAInstall.exe
http://bestprivatetube.com/cd/519/0/Adobe%20Acrobat%20Pro%207.0%20(Serial).exe
http://bestprivatetube.com/cd/519/0/Active%20Partition%20Recovery%20v3.0.exe
http://bestprivatetube.com/cd/519/0/Zoom%20Search%20Engine%20Professional%20Edition%20v5.1.exe
http://bestprivatetube.com/cd/519/0/Mystery%20P.I.%20The%20Lottery%20Ticket%20v1.0.0.3%20by%20LineZer0.exe
http://personalantispy.com/.ware/js/order.js
http://www.personalantispy.com/.ware/js/order.js
http://bestantivirusscan.com/2009/download/trial/A9installer_880221.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880658.exe
http://bestantivirusscan.com/2009/download/trial/A9installer_880154.exe
http://stat.antimalware2009.com/download/17/AntiMalware2009Installer.exe
http://stat.antivirusxp08.net/download/AntivirusXP2008Installer.exe
http://theprivatetube.com/cd/219/0/wmcodec_update.exe
http://theprivatetube.com/cd/174/0/wmcodec_update.exe
http://theprivatetube.com/cd/183/0/wmcodec_update.exe
http://theprivatetube.com/cd/83/0/wmcodec_update.exe
http://theprivatetube.com/cd/357/0/wmcodec_update.exe
http://theprivatetube.com/cd/402/0/image_decoder.exe
http://theprivatetube.com/cd/767/0/wmcodec_update.exe
http://theprivatetube.com/cd/519/0/AutoDesk%20AutoCAD%202007.exe
http://softwaredesign6.com/2009/download/trial/A9loader_770522160214.exe
http://prtectionactivescan.com/2009/download/trial/A9loader_770522164720.exe
http://prtectionactivescan.com/2009/download/trial/A9loader_77052201.exe
http://smartantivirusv2.com/soft/sa2009.exe
http://viruslabs2009.com/distrib/1/virlab_install.exe
http://viruslabs2009.com/distrib/1012/virlab_install.exe
http://scanner.microantivirus-2009.com/setup/install_3697_MHwzNnwxMDEwMDAwMDAwfHx8fHx8fHw_.exe
http://scanner.microantivirus-2009.com/setup/install_4887_MHwzNnwxMDAwMDAwMDAwfHx8fHx8fHw_.exe
http://scanner.microantivirus-2009.com/setup/install_4749_MHwzNnwxMDIwMDAwMDAwfHx8fHx8fHw_.exe
http://win-antivirus-2008.com/a/Install.exe
http://scanner.win-antivirus-2008.com/setup/setup_1257_MHwzM3wxMDIwMDAwMDAwfHx8fHx8_.exe
http://up.50db34d5.info/update.gif
http://xh-codec.net/download/crack.Steinberg.Nuendo.3.2.0.1128c3098.exe
http://xh-codec.net/download/crack.Visual.CertExam.Suite.1.9.978c3098.exe
http://xh-codec.net/download/keygen.Nero.8.3.6.0c3098.exe
http://xh-codec.net/download/keygen.Nero.8.3.6.0c3098.exe
http://xh-codec.net/download/keygen.Norton.Internet.Security.2008c3098.exe
http://xh-codec.net/download/keygen.Microsoft.Live.OneCare.2.0c3098.exe
http://xh-codec.net/download/keygen.RealPlayer.11.0.0.446c3098.exe
http://xh-codec.net/download/serial.Microsoft.Live.OneCare.2.0c3098.exe
http://stat.antivirusxp08.net/download/16/AntivirusXP2008Installer.exe
http://stat.antivirusxp08.net/download/AntivirusXP2008Installer.exe
http://www.registrycleanerxp.com/download/setup_rcxp.exe
http://216.12.204.2/softwareclub/sccdc.exe
http://216.12.204.2/softwareclub/scnb.exe
http://216.12.204.2/softwareclub/scdr.exe
http://216.12.204.2/softwareclub/scax.exe
http://216.12.204.2/softwareclub/scnl.exe
http://216.12.204.2/softwareclub/scmp.exe
http://216.12.204.2/softwareclub/sccs.exe
http://216.12.204.2/softwareclub/scsm.exe
http://216.12.204.2/softwareclub/scst.exe
http://216.12.204.2/softwareclub/scaex.exe
http://216.12.204.2/softwareclub/sccc.exe
http://viruslabs2009.com/distrib/1/virlab_install.exe
http://viruslabs2009.com/distrib/1012/virlab_install.exe
http://download.dailykeys.com/files/intellij%20idea%207.0.4.exe
http://download.dailykeys.com/files/animal%20seks%20video.com.exe
http://kpdef8.com/download/rhtools14e.zip
http://ntsecurity.nu/downloads/clearlogs.exe
http://soft.enet.org.cn/kejian/gongju/X-Scan-v3.3-cn.rar
http://downloads.zango.com/zangogames/library/setuplibrary2797.exe
http://downloads.zango.com/zangogames/dvg/setupdavid2365.exe
http://downloads.zango.com/zangogames/chamber/setupchamber2848.exe
http://upgrades.hotbar.com/installs/hotbar/programs/4.8.0.0/hbtstart.exe
http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab
http://installs.hotbar.com/installs/hbtools/programs/hbtools.exe
http://downloads.zango.com/zangogames/zangotv/setupzangotv2593.exe
http://installs.hotbar.com/installs/hotbar/programs/10.0.368.0/hotbar.exe