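A dumbass hacker from Yunnan named Zhang Peng. The information below includes details of the website where he plants trojans, including his mobile number. I have called him twice; he still denies it and says someone else planted the trojan on his site. Analysis shows that this person knows how to plant trojans, and his email address turned up:
hackzp@126.com. His mobile uses a China Unicom 130 card: 13116292866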
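Technical analysis shows that the site is both a trojan-hosting site and a phishing site: it uses a back-end database to record the QQ passwords of people logging in to QQ Zone, and then steals their Q coins.
The trojan this dumbass little hacker uses is fairly advanced; Rising cannot detect it, because his virus program is packed. It uses an icon disguised as a RAR archive to trick people into clicking it directly, but it is actually an EXE compressed file. I found this site because I wanted to keep my QQ pet pig online. I was careless this time; in all my years online I have only been hacked 3 times, and this time I was far too careless...
I have already reported the case to the Kunming police through my local police. May I ask everyone here: if he is caught, how many years could he be sentenced to? (That virus download has now been downloaded more than 6,000 times, and I have backed up detailed and sufficient evidence to testify against him.)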
My contact email is
nanne@vip.qq.com. Below is my antivirus report
-------------------------------------------------------
瑞星病毒查杀结果报告
清除病毒种类列表:
病毒: Backdoor.Win32.RWX.lr
MAC 地址:00:1F:C6:AC:EF:0C
用户来源:局域网
软件版本:20.57.52
------------------------------------------------------------------------------------------------------------
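Be careful when opening the attachment. There is a file named 1.exe inside; do not click it under any circumstances. Anyone curious can try scanning it with a licensed copy of Rising.
The other images are supporting material; take a look at what he has been up to. If anyone wants to contact me, my QQ number is in there as well.
Rising is about to go out of business. I don't mean to lecture you people... I just really can't stand to watch any more.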
--------------------------------------------
Below is the information for the website where Zhang Peng hosts the virus.
-------------------------------------------------------------------------------
Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: QQONLI.COM
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.4EVERDNS.COM
   Name Server: NS2.4EVERDNS.COM
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Updated Date: 29-feb-2008
   Creation Date: 29-feb-2008
   Expiration Date: 28-feb-2009

>>> Last update of whois database: Fri, 15 Aug 2008 21:19:20 EDT <<<

NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry Services' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. VeriSign does not guarantee its accuracy. By submitting a Whois query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of VeriSign. You agree not to use electronic processes that are automated and high-volume to access or query the Whois database except as reasonably necessary to register domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational stability. VeriSign may restrict or terminate your access to the Whois database for failure to abide by these terms of use. VeriSign reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars.

[whois.bizcn.com]

The data in this whois database is provided to you for information purposes only, that is, to assist you in obtaining information about or related to a domain name registration record. We make this information available "as is," and do not guarantee its accuracy. By submitting a whois query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) enable high volume, automated, electronic processes that stress or load this whois database system providing you this information; or (2) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone. The compilation, repackaging, dissemination or other use of this data is expressly prohibited without prior written consent from us. We reserve the right to modify these terms at any time. By submitting this query, you agree to abide by these terms.

Domain name: qqonli.com

Registrant Contact:
   Zhang Peng
   Peng Zhang hackzp@126.com
   +86.13116292866 fax: +86.2112345678
   Yunnan,kunming
   Yunnan Yunnan 650200
   cn

Administrative Contact:
   Peng Zhang hackzp@126.com
   +86.13116292866 fax: +86.2112345678
   Yunnan,kunming
   Yunnan Yunnan 650200
   cn

Technical Contact:
   Peng Zhang hackzp@126.com
   +86.13116292866 fax: +86.2112345678
   Yunnan,kunming
   Yunnan Yunnan 650200
   cn

Billing Contact:
   Zhang Peng hackzp@126.com
   +86.13116292866 fax: +86.2112345678
   Yunnan,kunming
   Yunnan Yunnan 650200
   cn

DNS:
ns1.4everdns.com
ns2.4everdns.com

Created: 2008-02-29
Expires: 2009-02-28
User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; QQDownload 1.7)
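Added example, not part of the original post: the post describes an EXE shown with a RAR archive icon, so this Python check classifies a download by its content rather than by its icon or name, and flags a Windows executable that carries an appended RAR archive. Reading the post's "EXE compressed file" as a self-extracting archive is an assumption, and the sample bytes are constructed headers, not the file from the post.

```python
import struct

# RAR 4.x and RAR 5.x archive signatures.
RAR_MAGICS = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")


def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def true_type(data: bytes) -> str:
    """Classify by content only; the file name and icon are attacker-controlled."""
    if is_pe(data):
        # A self-extracting archive is a PE stub with the archive appended.
        if any(data.find(m, 0x40) != -1 for m in RAR_MAGICS):
            return "exe-sfx-rar"
        return "exe"
    if data.startswith(RAR_MAGICS):
        return "rar"
    return "unknown"


def verdict(name: str, data: bytes) -> str:
    kind = true_type(data)
    if kind.startswith("exe"):
        return f"BLOCK {name}: Windows executable ({kind}), runs code when opened"
    if kind == "rar":
        return f"OK {name}: plain RAR archive, opens in an archiver"
    return f"REVIEW {name}: unrecognised content"


def make_pe_stub(appended: bytes = b"") -> bytes:
    """Constructed sample: minimal MZ/PE headers only, not a working program."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    return bytes(header) + b"PE\x00\x00" + bytes(20) + appended


if __name__ == "__main__":
    rar = RAR_MAGICS[0] + b"constructed archive body"
    for name, blob in [("1.exe", make_pe_stub(rar)), ("pics.rar", rar),
                       ("notes.rar", make_pe_stub())]:
        print(verdict(name, blob))
```

A match on the RAR signature inside an executable is a heuristic; the BLOCK verdict rests on the PE header alone, which is what matters before anyone double-clicks the file.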