查看: 4041|回复: 18
收起左侧

[已鉴定] 微客网被插入恶意代码

 关闭 [复制链接]
秋叶濛濛
发表于 2008-5-21 11:42:54 | 显示全部楼层 |阅读模式
消息来源:知道安全
Log is generated by FreShow.
[wide]http://www.webkey.cn/soft/soft_16/file_1412.html
    [frame]http://www.webkey.cn/soft/soft_16/../foot.htm
        [frame]http://www.cieccoo.com/css/js/mm.htm
            [frame]http://www.cieccoo.com/css/js/baidu.html
                [object]http://www.cieccoo.com/css/js/calc.cab
            [frame]http://www.cieccoo.com/css/js/test.htm
                [object]http://www.cieccoo.com/css/js/vip.exe
            [script]http://www.cieccoo.com/css/js/script.js
                [ani]http://www.cieccoo.com/css/js//body.jpg
                    [object]http://www.hitech-industries.com/case/js/vip.exe  
                [ani]http://www.cieccoo.com/css/js//title.jpg
                    [object]http://www.hitech-industries.com/case/js/vip.exe  

Avk

对象: vip.exe
病毒: Trojan-Spy.Win32.Agent.pi (AVP引擎)
对象: calc.cab vip.exe
病毒: Trojan-Downloader.Win32.Delf.bnj (AVP引擎)
对象: 桌面.rar
路径: C:\Documents and Settings\Administrator\桌面

病毒: Trojan-Spy.Win32.Agent.pi, Trojan-Downloader.Win32.Delf.bnj (AVP引擎)

Dr.web
2008-05-21_114546.jpg

桌面.rar

248.18 KB, 下载次数: 169

ranguangning
头像被屏蔽
发表于 2008-5-21 11:57:25 | 显示全部楼层
dns failed
hahacomcn
发表于 2008-5-21 12:07:50 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\haha\桌面\桌面.rar'
C:\Documents and Settings\haha\桌面\桌面.rar
  [0] Archive type: RAR
  --> vip.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.PI.77
    --> calc.cab
      [1] Archive type: CAB (Microsoft)
      --> vip.exe
        --> Object
          [3] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/Dldr.Delf.bnj.13
      [NOTE]      A backup was created as '4862375d.qua'  ( QUARANTINE )


End of the scan: 2008年5月21日  12:07
Used time: 00:02 min

The scan has been done completely.

      0 Scanning directories
      4 Files were scanned
      2 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
Palkia
发表于 2008-5-21 12:30:12 | 显示全部楼层
kv 1
挪威的冬天
发表于 2008-5-21 12:49:32 | 显示全部楼层
信息        2008-05-21  12:49:00        您此次查毒共查出2个病毒以及危险代码                       
信息        2008-05-21  12:49:00        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件5个                       
信息        2008-05-21  12:49:00        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-05-21  12:49:00        D:\Desktop\×àÃæ.rar\calc.cab\vip.exe        Win32.PSWTroj.Delf.wt.99604        跳过,未处理       
病毒        2008-05-21  12:49:00        D:\Desktop\×àÃæ.rar\vip.exe        Win32.Troj.Agent.pi.291553        跳过,未处理
gaojun7206
发表于 2008-5-21 13:01:55 | 显示全部楼层
TR/Spy.Agent.PI.77
电影结束了
发表于 2008-5-21 14:08:04 | 显示全部楼层
对象: vip.exe
        路径: F:
        Status: 已发现病毒
        病毒: Trojan.Spy.Agent.PI (BD 引擎)
对象: vip.exe
        在压缩档案里: F:\calc.cab
        Status: 已发现病毒
        病毒: Trojan.Downloader.Delf.BNJ (BD 引擎)
star_xing
发表于 2008-5-21 15:30:13 | 显示全部楼层
ACCESS DENIED
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://bbs.kafan.cn/attachment.p ... 0a&t=1211354922

The folowing error was encountered:

The requested object is INFECTED. The following viruses Trojan-Spy.Win32.Agent.pi were found

Please contact your service provider if you feel this is incorrect.



--------------------------------------------------------------------------------

Generated Wed May 21 15:30:55 2008 by 卡巴斯基反病毒软件 7.0
jick117
发表于 2008-5-21 15:37:51 | 显示全部楼层
咖啡也能查杀的
palfan
发表于 2008-5-21 15:40:39 | 显示全部楼层
反病毒引擎版本最后更新扫描结果
AhnLab-V32008.5.20.02008.05.21-
AntiVir7.8.0.192008.05.21TR/Spy.Agent.PI.77
Authentium5.1.0.42008.05.21W32/Trojan.BPTR
Avast4.8.1195.02008.05.21Win32:Hupigon-BMV
AVG7.5.0.5162008.05.20PSW.Agent.MHV
BitDefender7.22008.05.21Trojan.Spy.Agent.PI
CAT-QuickHeal9.502008.05.19Win32.Trojan-Spy.Agent.pi
ClamAV0.92.12008.05.21-
DrWeb4.44.0.091702008.05.21Trojan.MulDrop.9334
eSafe7.0.15.02008.05.20Win32.Agent.pi
eTrust-Vet31.4.58082008.05.21-
Ewido4.02008.05.20Logger.Agent.pi
F-Prot4.4.2.542008.05.14W32/Trojan.BPTR
F-Secure6.70.13260.02008.05.21Trojan-Downloader.Win32.Delf.bnj
Fortinet3.14.0.02008.05.21Spy/Agent
GData2.0.7306.10232008.05.21Trojan-Spy.Win32.Agent.pi
IkarusT3.1.1.26.02008.05.21Trojan-Spy.Win32.Agent.vz
Kaspersky7.0.0.1252008.05.21Trojan-Spy.Win32.Agent.pi
McAfee52992008.05.20Generic.dx
Microsoft1.35202008.05.21TrojanSpy:Win32/Agent.PI
NOD32v231152008.05.20a variant of Win32/Regil
Norman5.80.022008.05.20-
Panda9.0.0.42008.05.21Trj/QQPass.AKL
Prevx1V22008.05.21Malicious Software
Rising20.45.12.002008.05.20Trojan.Spy.Win32.Agent.pi
Sophos4.29.02008.05.21Troj/AgenPi-Gen
Sunbelt3.0.1123.12008.05.17Trojan-Spy.Agent.PI
Symantec102008.05.21Trojan Horse
TheHacker6.2.92.3142008.05.20Trojan/Spy.Agent.pi
VBA323.12.6.62008.05.20Trojan-Spy.Win32.Agent.pi
VirusBuster4.3.26:92008.05.20Trojan.OnlineGames.Gen.47
Webwasher-Gateway6.6.22008.05.21Trojan.Spy.Agent.PI.77
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-16 23:25 , Processed in 0.162364 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表