来个挂了10只毒的网站

显示全部楼层 · 发表于 2007-11-30 12:43:50

信息 2007-11-30  12:43:05 您此次查毒共查出1个病毒以及危险代码
信息 2007-11-30  12:43:05 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件8个
信息 2007-11-30  12:43:05 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2007-11-30  12:43:05 C:\Documents and Settings\Norways Winter\桌面\yyyyyy.rar\新建文件夹 (2)\logo[1].jpg RISK.Exploit.Ani 跳过，未处理

显示全部楼层 · 发表于 2007-11-30 13:01:51

avast! 一个

显示全部楼层 · 发表于 2007-11-30 14:12:56

htp://user3.33391.net/down.exe
htp://user3.33391.net/Baidu.cab
htp://down.llsging.com/bb/rl.exe
htp://qqq.aishengho.com/bd.cab
htp://qqq.aishengho.com/down.exe
htp://qqq.aishengho.com/svcos.exe
htp://news.hook163.com/ps/logo.jpg
htp://news.hook163.com/soft.exe
htp://mm.987999.com/soft.exe

显示全部楼层 · 发表于 2007-11-30 16:12:30

我这儿还是那个a.exe
并且楼主的日志怎么父进程都是马桶？
病毒呢？

显示全部楼层 · 发表于 2007-11-30 16:52:31

原帖由 Graybird 于 2007-11-29 23:33 发表
Starting the file scan:

Begin scan in 'E:\yyyyyy.rar'
E:\yyyyyy.rar
  [0] Archive type: RAR
  --> ÐÂ½¨ÎÄ¼þ¼Ð (2)\3476[1].htm
   [DETECTIO ...

Filename	Result
3476[1].htm	MALWARE

The file '3476[1].htm' has been determined to be 'MALWARE'.
Our analysts named the threat HTML/Infected.WebPage.Gen. The term "HTML/" denotes a script-virus that is able to infect the system using a HTML script.This malware is detected by a special detection routine from the engine module.

Filename	Result
gm[2].htm	MALWARE

The file 'gm[2].htm' has been determined to be 'MALWARE'.
Our analysts discovered that the file contains malicious HTML script code. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
gm[2].htm	MALWARE

The file 'gm[2].htm' has been determined to be 'MALWARE'.
Our analysts discovered that the file contains malicious HTML script code. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
jh[2].htm	MALWARE

The file 'jh[2].htm' has been determined to be 'MALWARE'.
Our analysts discovered that the file contains malicious HTML script code. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
jh[2].htm	MALWARE

The file 'jh[2].htm' has been determined to be 'MALWARE'.
Our analysts discovered that the file contains malicious HTML script code. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
kill[1].htm	MALWARE

The file 'kill[1].htm' has been determined to be 'MALWARE'.
Our analysts discovered that the file contains malicious HTML script code. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename	Result
logo[1].jpg	MALWARE

The file 'logo[1].jpg' has been determined to be 'MALWARE'.
Our analysts named the threat EXP/Ani.Gen. The term "EXP/" denotes malware that is able to detect and use certain security vulnerabilities whereby the attacker can get control of the system.This malware is detected by a special detection routine from the engine module.

显示全部楼层 · 发表于 2007-11-30 18:10:33

URL太长了本想用虚拟进去看看的算了

显示全部楼层 · 发表于 2007-11-30 20:19:30

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Hack.SuspiciousAni

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.20.42

显示全部楼层 · 发表于 2007-12-1 05:08:00

原帖由 sxingbai 于 2007-11-30 16:12 发表
我这儿还是那个a.exe
并且楼主的日志怎么父进程都是马桶？
病毒呢？

在附件阿

显示全部楼层 · 发表于 2007-12-1 13:05:52

卡巴进入，阻止打开网页。报毒。

显示全部楼层 · 发表于 2007-12-1 19:25:01

还是zonealarm好啊，原网站能打开，但该网站指定的链接就被阻止了。

[已鉴定] 来个挂了10只毒的网站

没人提出来？只好从隔壁高手借出来。。的分析结果。

Ani