这个网太毒了！

baba

装卡巴的和没开网页监控的红伞的试一下这个网，（注意最好在虚拟机下试一试）h**p：//www.08bbb.com.

tanlimo

http://user1.33212.net/Baidu.cab
http://user1.33212.net/bak.css
http://user4.33227.net/bak.css

更新啦？ESS不报

[ 本帖最后由 tanlimo 于 2008-4-24 18:24 编辑 ]

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)\Baidu.cab'
E:\新建文件夹 (2)\Baidu.cab
  [0] Archive type: CAB (Microsoft)
    --> Baidu.exe
          [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The file was deleted!

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)\bak.css'
E:\新建文件夹 (2)\bak.css
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The file was deleted!

The file 'Baidu.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Agent.wta. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Malware.

The file 'bak.css' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Agent.wtb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Malware.

[ 本帖最后由 Exia 于 2008-4-24 20:58 编辑 ]

hanxiao1027

2008-4-24        19:06:06        已由访问保护规则禁止         N-A9B7C81180934\hanxiao        C:\Program Files\Internet Explorer\iexplore.exe        C:\Program Files\Common Files\System\msadc\msadco.dll        用户定义的规则:A11 管制浏览器（禁止调用MDAC，防范MS06014网马）        已阻止的操作: 执行
过ZA+hs！最后咖啡成功阻止

[ 本帖最后由 hanxiao1027 于 2008-4-24 19:10 编辑 ]

挪威的冬天

金山 0

qigang

5/2


rising20.41.32未杀！

wangjay1980

File:  Baidu.cab  
Status:  INFECTED/MALWARE  
MD5:  08af0b6771b3ec6e70ccb645d7a8556b  
Packers detected:  PE_PATCH, UPACK
Bit9 reports:  File not found  

Scanner results  
Scan taken on 24 Apr 2008 12:51:54 (GMT)  
A-Squared  Found nothing
AntiVir  Found HEUR/Malware  
ArcaVir  Found Heur.Win32.I  
Avast  Found nothing
AVG Antivirus  Found Generic10.ONZ  
BitDefender  Found nothing
ClamAV  Found PUA.Packed.UPack-2  
CPsecure  Found Generic.W32  
Dr.Web  Found nothing
F-Prot Antivirus  Found nothing
F-Secure Anti-Virus  Found nothing
Fortinet  Found nothing
Ikarus  Found Trojan-Downloader.Win32.Zlob.and  
Kaspersky Anti-Virus  Found Trojan-Downloader.Win32.Murlo.lv  
NOD32  Found nothing
Norman Virus Control  Found W32/Suspicious_U.gen  
Panda Antivirus  Found nothing
Sophos Antivirus  Found Mal/Packer  
VirusBuster  Found nothing
VBA32  Found nothing