浙江卫视在线直播----TV007 网络电视 (not infected by illusionWing)

显示全部楼层 · 发表于 2009-10-25 09:29:51

挂马链接：hxxp://www.tv007.com/tv/111.html
Log generated by 天使的愤怒 use mdecoder 0.28
[root]http://www.tv007.com/tv/111.html
[script]http://www.tv007.com/plus/count.php?aid=111&mid=
[script]http://www.tv007.com/ggs/play950.js
      [iframe]http://www.tv007.com/ggs/950/ball_index.html
         [iframe]http://www.tv007.com/ggs/bet365/bet365_960x60.htm
         [iframe]http://www.tv007.com/ggs/tv007/tv007.htm
         [iframe]http://www.tv007.com/ggs/cc898/cc898.htm
[iframe]http://www.tv007.com/plus/99itv_play.php?aid=111&msid=1
[script]http://www.tv007.com/ggs/playright.js
      [iframe]http://www.tv007.com/ggs/950/play_468.html
         [iframe]http://www.tv007.com/ggs/uusee/uusee468x60.htm
            [exe]http://download.uusee.com/union/union1/uuvod/uuseeunion_uuvod_setup_10445.exe
         [iframe]http://www.tv007.com/ggs/178game/178game2.htm
         [iframe]http://www.tv007.com/ggs/28royal/28royal2.htm
         [iframe]http://www.tv007.com/ggs/8dice/8dice2.htm
         [iframe]http://www.tv007.com/ggs/uusee/uusee120x60.htm
            [exe]http://download.uusee.com/union/union1/uuvod/uuseeunion_uuvod_setup_10445.exe
         [iframe]http://www.tv007.com/ggs/uusee/uusee234x60.htm
            [exe]http://download.uusee.com/union/union1/uuvod/uuseeunion_uuvod_setup_10445.exe
      [iframe]http://www.tv007.com/ggs/zeitie/zeitie2.html
         [script]http://jsunion.boodvd.cn/script/show_souvv_ads.js
            [script]http://jsunion.boodvd.cn/union/uniongetad.php?p=&uid=&sid=&oe=
      [iframe]http://www.tv007.com/ggs/129555/129555.htm
[script]http://www.tv007.com/ggs/play1.js
      [iframe]http://www.tv007.com/ggs/777ex/777ex2.htm
[script]http://www.tv007.com/wangzhai/wangzhai.js
      [script]http://www.tv007.com/images/dz.js
[iframe]http://www.tv007.com/ggs/cr/cr2.htm
[iframe]http://say-on.com/webchat/?roomid=www.tv007.com
[script]http://www.tv007.com/ggs/playright_gg.js
[iframe]http://www.tvsou.com/union/unichday_ifr.asp?tvid=21&channelid=43
      [iframe]http://www.tvsou.com/epg/gougou.asp?key=深夜罪域&cl=0
         [script]http://un.so.gougou.com/js/searchview.js
      [iframe]http://www.tvsou.com/epg/gougou.asp?key=假日喜羊羊与灰太狼&cl=0
         [script]http://un.so.gougou.com/js/searchview.js
      [iframe]http://www.tvsou.com/epg/gougou.asp?key=黄金敌营十八年ⅱ——虎胆雄心&cl=1
         [script]http://un.so.gougou.com/js/searchview.js
      [iframe]http://www.tvsou.com/epg/gougou.asp?key=星空珠光宝气&cl=1
         [script]http://un.so.gougou.com/js/searchview.js
      [script]http://www.tvsou.com/union/search.js
[script]http://www.tv007.com/ggs/pf_play.js
      [script]http://www.netgy.com/js/handwork/tv007.js
         [script]http://new.netgy.com/cpm/turn?s=10645
      [script]http://v.naqigs.com/position/javas/cpm_3916_26448.js
         [script]http://v.naqigs.com/position/applit/na7popclass.js
      [script]http://u.1133.cc/showpage.php?pid=131159&show_t=2
[script]http://www.tv007.com/images/tj.js
      [script]http://www.tv007.com/images/gb.js
      [script]http://v.naqigs.com/position/javas/cpm_3916_26448.js
      [script]http://cj.8le8le.com/cj/ad_show?id=113655-801332-617603-0-0
         [script]http://cj.8le8le.com/cj/uc.js
[exe]http://www.tv007.com/images/play.css

小羽：下次请不要滥用恶意网址标签

[ 本帖最后由 IllusionWing 于 2009-10-25 23:47 编辑 ]

显示全部楼层 · 发表于 2009-10-25 10:17:18

好像不是病毒吧

显示全部楼层 · 发表于 2009-10-25 10:21:20

VirSCAN.org Scanned Report :
Scanned time : 2009/10/25 10:06:45 (CST)
Scanner results: 全部的杀毒软件报告没有发现病毒!
File Name    : play.rar
File Size    : 3186 byte
File Type    : RAR archive data, v1d, os
MD5          : 4d63197d2922ba4e2611c6e85249e4d6
SHA1          : 2594ab283082f310e8143e7d4ddd2e5a51b82ff3
Online report  : http://virscan.org/report/50156a65fce5e765f25ebaac2ec86bdc.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    4.5.0.8       20091024060116 2009-10-24  5.00 -
安博士V3    2009.10.24.00 2009.10.24       2009-10-24  1.65 -
AntiVir       8.2.1.44       7.1.6.145       2009-10-23  0.23 -
安天          2.0.18       20091023.3055910  2009-10-23  0.02 -
Arcavir       2009          200910240042    2009-10-24  0.04 -
Authentium    5.1.1          200910241421    2009-10-24  1.21 -
AVAST!       4.7.4          091024-0       2009-10-24  0.00 -
AVG          8.5.288       270.14.31/2457 2009-10-24  0.31 -
BitDefender 7.81008.4456262 7.28538          2009-10-25  3.91 -
CA (VET)    35.1.0       7082             2009-10-23  22.49  -
ClamAV       0.95.2       9920             2009-10-21  0.00 -
Comodo       3.12          2721             2009-10-25  0.89 -
CP Secure    1.3.0.5       2009.10.25       2009-10-25  0.01 -
Dr.Web       4.44.0.9170    2009.10.24       2009-10-24  6.46 -
F-Prot       4.4.4.56       20091024       2009-10-24  2.42 -
F-Secure    7.02.73807    2009.10.24.02    2009-10-24  8.14 -
飞塔          2.81-3.120    10.982          2009-10-24  0.26 -
GData       19.8569/19.520  20091024       2009-10-24  12.11  -
ViRobot       20091023       2009.10.23       2009-10-23  0.98 -
Ikarus       T3.1.01.72    2009.10.24.74251  2009-10-24  4.20 -
江民杀毒    11.0.800       2009.10.24       2009-10-24  12.23  -
卡巴斯基    5.5.10       2009.10.25       2009-10-25  0.03 -
金山毒霸    2009.2.5.15    2009.10.24.15    2009-10-24  1.29 -
迈克菲       5.3.00       5781             2009-10-24  3.33 -
Microsoft    1.5202       2009.10.24       2009-10-24  13.08  -
Norman       6.01.09       6.01.00          2009-10-23  4.01 -
熊猫卫士    9.05.01       2009.10.24       2009-10-24  4.01 -
趋势科技    8.700-1004    6.574.06       2009-10-24  0.03 -
Quick Heal    10.00          2009.10.24       2009-10-24  1.58 -
瑞星          20.0          21.52.52.00    2009-10-24  0.79 -
Sophos       3.00.1       4.46             2009-10-25  2.69 -
Sunbelt       5466          5466             2009-10-23  2.21 -
赛门铁克    1.3.0.24       20091024.005    2009-10-24  0.05 -
nProtect    20091025.01    6006373          2009-10-25  18.61  -
The Hacker    6.5.0.2       v00053          2009-10-24  1.54 -
VBA32       3.12.10.11    20091023.1519    2009-10-23  1.95 -
VirusBuster 4.5.11.10    10.112.78/2012799 2009-10-24  2.41 -

显示全部楼层 · 发表于 2009-10-25 10:38:11

杀不出来，并不代表它不是一个新病毒！

显示全部楼层 · 发表于 2009-10-25 11:20:13

数字签名正常，不是挂马~

显示全部楼层 · 发表于 2009-10-25 21:39:37

这些不是病毒啦。嗨。

028，不是加红的一定是病毒。

显示全部楼层 · 发表于 2009-10-25 21:52:06

http://www.tv007.com/images/play.css
这个要是PE文件我就去撞墙……

显示全部楼层 · 发表于 2009-10-25 23:48:25

mdecoder和redoce碰css直接exe

还是astox比较好

显示全部楼层 · 发表于 2009-10-26 12:37:29

原帖由 是昔流芳 于 2009-10-25 21:52 发表
 http://www.tv007.com/images/play.css
这个要是PE文件我就去撞墙……

淡定，淡定呵呵、

[已鉴定] 浙江卫视在线直播----TV007 网络电视 (not infected by illusionWing)

回复 7楼是昔流芳的帖子

[已鉴定] 浙江卫视在线直播----TV007 网络电视 (not infected by illusionWing)

回复 7楼 是昔流芳 的帖子

回复 7楼是昔流芳的帖子