毒网?

asdff

http://www.joinmap.com/

22680506

SEP11没报

真.菲戈

红伞＋firefox没报

Starting the file scan:

Begin scan in 'E:\AV\n.htm'
E:\AV\n.htm
      [DETECTION] Contains suspicious code HEUR/HTML.Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '489520a1.qua'!
Begin scan in 'E:\AV\new17.htm'


End of the scan: 2008年5月16日  13:49
Used time: 00:20 min

The scan has been done completely.

      0 Scanning directories
      2 Files were scanned
      0 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
      1 Notes

The file 'new17.htm' has been determined to be 'MALWARE'.
Our analysts named the threat HTML/Iframe.175. The term "HTML/" denotes a script-virus that is able to infect the system using a HTML script.Detection will be added to our virus definition file (VDF) with one of the next updates.

The file 'n.htm' has been determined to be 'MALWARE'.
Our analysts named the threat EXP/RealPlayer.Dload. The term "EXP/" denotes malware that is able to detect and use certain security vulnerabilities whereby the attacker can get control of the system.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/HTML.Malware.

[ 本帖最后由 Exia 于 2008-5-16 21:06 编辑 ]

aribeth199

卡巴没发现。

冷冷

1. 
   
2. http://js.users.51.la/1872314.js
   
3. http://cc.tom999.com/wangma/n.htm
   
4. http://cc.tom999.com/wangma/014.js
   
5. http://dd.baoma999.com/xiazai/014.exe
   

复制代码

秋叶濛濛

Log is generated by FreShow.
[wide]http://www.joinmap.com/
    [frame]http://cc.tom999.com/rx/ing01/new17.htm
        [frame]http://cc.tom999.com/wangma/n.htm
            [object]http://dd.baoma999.com/xiazai/abd.cab
            [object]http://dd.baoma999.com/xiazai/bf.exe
            [object]http://dd.baoma999.com/xiazai/rl.exe
            [object]http://dd.baoma999.com/xiazai/014.exe

sam.to

卡巴:

Scanned file:   4.rar  - Infected
4.rar/bf.exe2 - infected by Trojan-Downloader.Win32.Small.ixw
4.rar/rl.exe2 - infected by Trojan-Downloader.Win32.Small.ixw
4.rar/014.exe2 - infected by Trojan-Downloader.Win32.Small.ixw
4.rar/abd.exe3 - infected by Trojan-Downloader.Win32.Small.ixw

[ 本帖最后由 kato9096 于 2008-5-16 14:25 编辑 ]

秋叶濛濛

Avk

扫描系统区域...
扫描所选择的目录和文件...
对象: bf.exe
  在压缩档案里: C:\Documents and Settings\Administrator\桌面\桌面.rar
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Small.ixw (AVP引擎)
对象: 014.exe
  在压缩档案里: C:\Documents and Settings\Administrator\桌面\桌面.rar
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Small.ixw (AVP引擎)
对象: rl.exe
  在压缩档案里: C:\Documents and Settings\Administrator\桌面\桌面.rar
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Small.ixw (AVP引擎)
对象: abd.cab abd.exe
  在压缩档案里: C:\Documents and Settings\Administrator\桌面\桌面.rar
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Small.ixw (AVP引擎)
对象: 桌面.rar
路径: C:\Documents and Settings\Administrator\桌面
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Small.ixw (4x) (AVP引擎)
分析完成: 2008-5-16 14:22
    已扫描 1 个文件
    已发现 1 个感染文件
    发现 0 个可疑文件

Dr.Web

Avira

Begin scan in 'C:\Documents and Settings\Administrator\桌面\桌面.rar'
C:\Documents and Settings\Administrator\桌面\桌面.rar
  [0] Archive type: RAR
    --> bf.exe
          [DETECTION] Is the Trojan horse TR/Downloader.Gen
    --> 014.exe
          [DETECTION] Is the Trojan horse TR/Downloader.Gen
    --> rl.exe
          [DETECTION] Is the Trojan horse TR/Downloader.Gen
    --> abd.cab
      [1] Archive type: CAB (Microsoft)
      --> abd.exe
            [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [WARNING]   The file was ignored!

[ 本帖最后由 秋叶濛濛 于 2008-5-16 14:21 编辑 ]

冷冷

ACEFB4A25907A7168083EF0A6278D162  abd.exe
ACEFB4A25907A7168083EF0A6278D162  bf.exe
ACEFB4A25907A7168083EF0A6278D162  rl.exe
ACEFB4A25907A7168083EF0A6278D162  014.exe