http://www.11xs.com/(灵罗戒最新章节)[Malicious][Detected by 是昔流芳]

显示全部楼层 · 发表于 2011-8-15 11:56:37

Log generated by 是昔流芳 use mdecoder 0.67
[root]http://www.11xs.com/xs/222/129173.htm
[iframe]http://0w6e0ew6fhu.3322.org:8832/Zr03/index.html
      [exp]http://0w6e0ew6fhu.3322.org:8832/Zr03/ff.htm(Exploit.Ie0dayCVE0806.a)
         [script]http://0w6e0ew6fhu.3322.org:8832/Zr03/ap.js
         [virus]http://58.221.36.199:8832/xx/zr03.css
      [iframe]http://0w6e0ew6fhu.3322.org:8832/Zr03/fl.htm
         [flash]http://0w6e0ew6fhu.3322.org:8832/Zr03/nb.swf
[script]http://www.11xs.com/js/htm/BookMenu.js
[script]http://www.11xs.com/js/htm/TextSet.js
[script]http://www.11xs.com/js/BookText_TitleTop.js
      [script]http://cpro.baidu.com/cpro/ui/f.js
         [iframe]http://cpro.baidu.com/cpro/ui/uijs.php?{paramString}
         [script]http://wm.baidu.com/preview/floatPreview.js
[script]http://www.11xs.com/js/BookText_TitleBottom.js
[script]http://www.11xs.com/js/BookText_ContentTop.js
      [script]http://cpro.baidu.com/cpro/ui/c.js
         [script]http://wm.baidu.com/preview/preview.js
         [iframe]http://cpro.baidu.com/cpro/ui/{cproServiceUrl}?{paramString}
      [script]http://cpro.baidu.com/cpro/ui/c.js
      [script]http://cpro.baidu.com/cpro/ui/c.js
[script]http://www.11xs.com/js/BookText_ContentBottom.js
      [script]http://u.1133.cc/showpage.php?pid=142647&show_t=2
[script]http://www.11xs.com/js/BookText_EndMenuTop.js
      [script]http://u.1133.cc/showpage.php?pid=104976&show_t=2
[script]http://www.11xs.com/js/BookText_EndMenuBottom.js
[script]http://www.11xs.com/js/mycount.js
      [script]http://js.users.51.la/3518268.js
[script]http://www.11xs.com/js/htm/BookText.js

显示全部楼层 · 发表于 2011-8-15 13:24:28

2011-08-15 13:21:00 C:\Documents and Settings\Roger\桌面\virus\zr03\zr03.exe Sandboxed As Partially Limited

2011-08-15 13:21:06 C:\Documents and Settings\Roger\Local Settings\Temp\24448984.dll Sandboxed As Partially Limited

2011-08-15 13:21:12 C:\Documents and Settings\Roger\Local Settings\Temp\24448984.dll Modify File C:\WINDOWS\fonts\pci.sys

2011-08-15 13:21:12 C:\Documents and Settings\Roger\Local Settings\Temp\24448984.dll Modify Key HKLM\SYSTEM\ControlSet001\Services\acde

2011-08-15 13:21:12 C:\Documents and Settings\Roger\桌面\virus\zr03\zr03.exe Modify File C:\WINDOWS\system32\24454328.exe

2011-08-15 13:21:12 C:\Documents and Settings\Roger\桌面\virus\zr03\zr03.exe Modify Key HKLM\SYSTEM\ControlSet001\Services\pcidump

2011-08-15 13:21:20 C:\Documents and Settings\Roger\桌面\virus\zr03\zr03.exe Modify File C:\WINDOWS\system32\scvhost.exe

2011-08-15 13:21:20 C:\Documents and Settings\Roger\桌面\virus\zr03\kl78a.bat Sandboxed As Partially Limited

2011-08-15 13:21:21 C:\WINDOWS\system32\conime.exe Sandboxed As Partially Limited

2011-08-15 13:21:28 C:\Documents and Settings\Roger\桌面\virus\zr03\kl78a.bat Modify File C:\Documents and Settings\Roger\桌面\virus\zr03\zr03.exe

显示全部楼层 · 发表于 2011-8-15 17:06:18

AVG KILL那2个红的

显示全部楼层 · 发表于 2011-8-15 17:31:43

搜狗MISS

显示全部楼层 · 发表于 2011-8-15 22:56:33

avast!文件系统防护拦截

显示全部楼层 · 发表于 2011-8-15 23:46:31

McAfee 8.8没反应。。。

显示全部楼层 · 发表于 2011-8-16 15:48:40

诺顿入侵检测
Web Attack：Exploit Variant Activity 7
捕获.PNG

显示全部楼层 · 发表于 2011-8-16 16:33:58

趋势科技封锁

[其它] http://www.11xs.com/(灵罗戒最新章节)[Malicious][Detected by 是昔流芳]

评分