这个站又被挂了……

显示全部楼层 · 发表于 2008-2-14 02:07:03

hxxp://www.yychk.com

显示全部楼层 · 发表于 2008-2-14 02:10:22

MS这个站没有威力

用freshow按了几下

Log is generated by FreShow.
[wide]http://www.yychk.com
[frame]http://baidu1633.com/a1.htm
      [frame]http://baidu1633.com/001.htm
      [frame]http://baidu1633.com/002.htm
         [object]http://baidu1633.com/admin/xx.exe
      [frame]http://baidu1633.com/003.htm
         [object]http://baidu1633.com/admin/xx.exe
      [script]http://s134.cnzz.com/stat.php?id=755872&web_id=755872
[script]http://www.yychk.com/common/common.js
      [object]http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab

[ 本帖最后由冷_冷于 2008-2-14 02:23 编辑 ]

显示全部楼层 · 发表于 2008-2-14 02:13:11

报脚本
http://baidu1633.com/admin/xx.exe却挂掉

显示全部楼层 · 发表于 2008-2-14 02:22:01

无聊的网马
欺骗感情
不玩了

显示全部楼层 · 发表于 2008-2-14 03:57:06

Starting the file scan:

Begin scan in 'C:\TDDOWNLOAD\002.htm'
C:\TDDOWNLOAD\
  002.htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Agent.ES
   [INFO]    The file was deleted!

Starting the file scan:

Begin scan in 'C:\TDDOWNLOAD\003.htm'
C:\TDDOWNLOAD\
  003.htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Shellcode.Gen
   [WARNING] The file was ignored!

显示全部楼层 · 发表于 2008-2-14 09:41:19

原帖由 冷_冷 于 2008-2-14 02:10 发表
MS这个站没有威力

200274

用freshow按了几下

Log is generated by FreShow.
[wide]http://www.yychk.com
[frame]http://baidu1633.com/a1.htm
[frame]http://baidu1633.com/001.ht ...

cab下不下来，
xx.exe：
Hello,

Thank you for the sample that you sent to us.

The file you submitted is clean. It is not malicious. This is the calc.exe executable from Microsoft.

Should you have further concerns, please do not hesitate to e-mail us again.

Have a nice day!

--
F-Secure Security Labs http://www.f-secure.com/weblog/
F-Secure Corporation http://www.f-secure.com/
BE SURE.

显示全部楼层 · 发表于 2008-2-14 09:44:08

avast 飘

显示全部楼层 · 发表于 2008-2-14 10:00:35

http://baidu1633.com/admin/xx.exe
貌似有微软的数字签名..

显示全部楼层 · 发表于 2008-2-14 10:19:15

AVAST飘过
但是挡住了
avast! Web Shield Warning
Access denied
avast! Web Shield detected a blocked file or page
and will not allow you to access the object. Please see
the system administrator if you need to access it anyway.

Object information
URL: http://baidu1633.com/admin/xx.exe
Accessed: 2008-2-14 10:18:36 +0800

Please be careful of what you're downloading from the Internet.
Many sites contain viruses or hostile Java/ActiveX objects
that may severely damage your system.

avast! - copyright (c) 1988-2007 ALWIL Software.
Thank you for using avast!.

显示全部楼层 · 发表于 2008-2-14 10:34:06

不会用FreShow看不懂也。

[已鉴定] 这个站又被挂了……