老毒网

显示全部楼层 · 发表于 2008-5-19 19:38:13

http://www.webkey.cn/soft/soft_16/file_1412.html

显示全部楼层 · 发表于 2008-5-19 19:42:38

Log is generated by FreShow.
[wide]http://www.webkey.cn/soft/soft_16/file_1412.html
[frame]http://download.pchome.net/utility/encrpt/21569.html
[frame]http://www.webkey.cn/soft/soft_16/../foot.htm
      [script]http://s114.cnzz.com/stat.php?id=440389&web_id=440389&show=pic
      [frame]http://www.cieccoo.com/css/js/mm.htm
         [frame]http://www.cieccoo.com/css/js/baidu.html
            [object]http://www.cieccoo.com/css/js/calc.cab
            [script]http://www.cieccoo.com/css/js/javascript:DowndloadCalcAndRun();
         [frame]http://www.cieccoo.com/css/js/test.htm
            [object]http://www.cieccoo.com/css/js/vip.exe
         [script]http://www.cieccoo.com/css/js/script.js
            [ani]http://www.cieccoo.com/css/js//body.jpg
                  [object]http://www.hitech-industries.com/case/js/vip.exe
            [ani]http://www.cieccoo.com/css/js//title.jpg
                  [object]http://www.hitech-industries.com/case/js/vip.exe
      [frame]http://www.88ou.cn/ip/1.htm
      [frame]http://www.88ou.cn/ip/1.htm

点击下载：

http://www.cieccoo.com/css/js/vip.exe
http://www.cieccoo.com/css/js/calc.cab
http://www.hitech-industries.com/case/js/vip.exe

显示全部楼层 · 发表于 2008-5-19 19:52:39

<html>
<head>
<title>热金加解密免费版 2.0-加密解密-系统程序-软件下载-微客网-[WebKey.Cn]</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="keywords" content="系统程序,加密解密,热金加解密免费版 2.0">
</head>
<FRAMESET rows="*,56" name="topcontent" framespacing="0" frameborder="NO" border="0">
<FRAME NAME="linkurl" SRC="http://download.pchome.net/utility/encrpt/21569.html">
<frameset cols="*" frameborder="NO" border="0" framespacing="0" SCROLLING="NO" noresize>
<frame src="../foot.htm" name="footbar" scrolling="no" noresize>
</frameset>
</FRAMESET>
<noframes>
<body>
系统程序-加密解密-热金加解密免费版 2.0
http://download.pchome.net/utility/encrpt/21569.html
微客网-WebKey.Cn
</body>
</noframes>
</html>

显示全部楼层 · 发表于 2008-5-21 18:04:47

2008-5-21 18:03 Script.HttpDownloader.i 病毒 Administrator D:\Personal\Temporary Internet Files\Content.IE5\STYVOPAN\test[1].htm Realtime scan

显示全部楼层 · 发表于 2008-5-21 18:09:36

显示全部楼层 · 发表于 2008-5-21 18:10:04

确实，大蜘蛛报毒了

显示全部楼层 · 发表于 2008-5-27 07:03:11

Starting the file scan:

Begin scan in 'E:\AV\calc.cab'
E:\AV\calc.cab
  [0] Archive type: CAB (Microsoft)
--> vip.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/Dldr.Delf.bnj.13
   [NOTE]    The file was deleted!
Begin scan in 'E:\AV\vip.exe'
E:\AV\vip.exe
   [DETECTION] Is the Trojan horse TR/Spy.Agent.PI.77
   [NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-5-27 13:47:38

Time Module Object Name Threat Action User Information
2008/5/27 13:47:21 IMON archive http://www.cieccoo.com/css/js/calc.cab Win32/PSW.OnLineGames.NEC trojan Connection terminated Jason-PC\Jason
2008/5/27 13:47:12 IMON file http://www.cieccoo.com/css/js/vip.exe a variant of Win32/Regil trojan Jason-PC\Jason
还有一个不能下载

显示全部楼层 · 发表于 2008-5-29 18:04:52

BD报了。

显示全部楼层 · 发表于 2008-5-29 21:40:43

原帖由 yusup 于 2008-5-29 18:04 发表
BD报了。

跟老帖，晕死。

[已鉴定] 老毒网