30

挪威的冬天

贼多网页。。。貌似金山现在都不怎么管网页了

HC303

Please find a detailed report concerning each individual sample below:

Filename Result
Ajax[1].htm  MALWARE

The file 'Ajax[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat TR/Click.HTML.IFrame.GC.1. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.01.82. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

Filename Result
down1[1].txt  MALWARE

The file 'down1[1].txt' has been determined to be 'MALWARE'. Our analysts named the threat TR/Click.HTML.IFrame.GC. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.01.82. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

HC303

Filename Result
kaka[1].htm  MALWARE

The file 'kaka[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat TR/Click.HTML.IFrame.GC.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.01.82. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

Filename Result
kong[1].htm  MALWARE

The file 'kong[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat HTML/Dldr.Agent.bcd. The term "HTML/" denotes a script-virus that is able to infect the system using a HTML script.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

HC303

Filename Result
lz[1].htm  MALWARE

The file 'lz[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat HTML/Shellcode.Gen. The term "HTML/" denotes a script-virus that is able to infect the system using a HTML script.This malware is detected by a special detection routine from the engine module.

Filename Result
Ms06014[1].htm  MALWARE

The file 'Ms06014[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat TR/Click.HTML.IFrame.GC.3. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.01.82. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

HC303

Filename Result
XunLei[1].htm  MALWARE

The file 'XunLei[1].htm' has been determined to be 'MALWARE'. Our analysts named the threat TR/Click.HTML.IFrame.GC.4. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.01.82. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Exploit.HTML.

Graybird

Starting the file scan:

Begin scan in 'E:\29.rar'
E:\29.rar
  [0] Archive type: RAR
  --> VMwareService.exe
      [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> tmp7A.tmp
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> pcibus.sys
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.45056
  --> 8838283[1].htm
      [DETECTION] Is the Trojan horse TR/IFrame.AW
  --> XunLei[1].htm
      [DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.GC.4
  --> noani[2].htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> Ms06014[1].htm
      [DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.GC.3
  --> haha[1].htm
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.ED
  --> jh[1].htm
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.afm
  --> kong[1].htm
      [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> htm[1].htm
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.AS
  --> gm[1].htm
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.ala.10
  --> 6671697[1].htm
      [DETECTION] Is the Trojan horse TR/IFrame.AW
  --> Ajax[1].htm
      [DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.GC.1
  --> ani[1].htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> 11[1].js
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.CN
  --> rl[2].js
      [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.E
  --> realplayer[1].htm
      [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.H
  --> kaka[1].htm
      [DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.GC.2
  --> down1[1].txt
      [DETECTION] Is the Trojan horse TR/Click.HTML.IFrame.GC
  --> 2[1].htm
      [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.I
  --> 1[1].js
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.GG
  --> realplay_071122_exp[1].htm
      [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.H
  --> realplayer[2].htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> lz[1].htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Shellcode.Gen
  --> gege[1].htm
      [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.I
  --> ani[1].c
      [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
  --> tmp7C.tmp
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> tmp77.tmp
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> tmp83.tmp
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [WARNING]   The file was ignored!


End of the scan: 2007年12月13日  17:10
Used time: 00:20 min

The scan has been done completely.

      0 Scanning directories
     31 Files were scanned
     28 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Win32.Logogo.a           
病毒： Trojan.PSW.Win32.SO2Online.x
病毒： Trojan.Win32.Mnless.zkb 
病毒： Trojan.DL.Win32.Iframe.a
病毒： Trojan.Script.JS.Agent.ab
病毒： Hack.Exploit.Script.JS.RealPlayer.b
病毒： Trojan.DL.Script.JS.Agent.lve
病毒： Trojan.DL.Script.HTML.Agent.x
病毒： Hack.SuspiciousAni       

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.22.31

663219623

kill杀勒   蛤蛤

shaoruoyan

KIS7  还没下载就拦了~~~

jimmyleo

D:\Download\Scan\11[1].js - Signature 'Win32.SuspectCrc' found
D:\Download\Scan\1[1].js
D:\Download\Scan\2[1].htm
D:\Download\Scan\6671697[1].htm
D:\Download\Scan\8838283[1].htm
D:\Download\Scan\Ajax[1].htm
D:\Download\Scan\ani[1].c - Signature 'Exploit.Win32.IMG-ANI.i' found
D:\Download\Scan\ani[1].htm
D:\Download\Scan\down1[1].txt
D:\Download\Scan\gege[1].htm
D:\Download\Scan\gm[1].htm
D:\Download\Scan\haha[1].htm - Signature 'Trojan-Downloader.JS.Agent.alj' found
D:\Download\Scan\htm[1].htm
D:\Download\Scan\jh[1].htm
D:\Download\Scan\kaka[1].htm
D:\Download\Scan\kong[1].htm
D:\Download\Scan\lz[1].htm
D:\Download\Scan\Ms06014[1].htm
D:\Download\Scan\noani[2].htm
D:\Download\Scan\pcibus.sys - Signature 'Worm.Win32.Downloader.cb' found
D:\Download\Scan\realplayer[1].htm
D:\Download\Scan\realplayer[2].htm
D:\Download\Scan\realplay_071122_exp[1].htm
D:\Download\Scan\rl[2].js
D:\Download\Scan\tmp77.tmp
D:\Download\Scan\tmp7A.tmp
D:\Download\Scan\tmp7C.tmp
D:\Download\Scan\tmp83.tmp
D:\Download\Scan\VMwareService.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
D:\Download\Scan\XunLei[1].htm

        30 Files scanned
          (0 Archives with 0 files)
        5 Signatures found
        0 Suspect code-parts found
        Used time: 0:00.390

意料之中