Original poster: yu88480

[Virus sample] This website can crash Maxthon instantly! Kaspersky reports an overflow! Everyone, please help analyze it.

a256886572008
Posted on 2007-10-12 14:41:20
Downloaded 18 of them.

kp2006
Posted on 2007-10-12 14:45:43
KV2008 reports 15.

http://bbs.kafan.cn/attachment.php?aid=138643->conime17.exe                    trojan/agent.ukg             2007-10-12 下午 02:42:01 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime.exe                      trojan/psw.onlinegames.hkb   2007-10-12 下午 02:42:02 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime2.exe                     trojan/psw.qqpass.rvu        2007-10-12 下午 02:42:02 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime4.exe                     trojandropper.agent.dfz      2007-10-12 下午 02:42:04 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime5.exe                     trojandropper.agent.dkq      2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime7.exe                     trojan/psw.onlinegames.hkd   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime6.exe                     trojandropper.agent.dko      2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime8.exe                     trojanproxy.pixoliz.ly       2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime9.exe                     trojandownloader.adload.lp   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime11.exe                    trojandownloader.adload.lp   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime12.exe                    trojan/psw.onlinegames.hkg   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime13.exe                    trojandownloader.adload.lp   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime14.exe                    trojan/psw.onlinegames.ggo   2007-10-12 下午 02:42:05 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime15.exe                    trojan/psw.gamepass.aamt     2007-10-12 下午 02:42:06 已删除        
http://bbs.kafan.cn/attachment.php?aid=138643->conime16.exe                    trojandownloader.adload.lp   2007-10-12 下午 02:42:06 已删除
mofunzone
Posted on 2007-10-12 14:50:07
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\ysyupdate.rar'
C:\Users\morgan\Documents\
  ysyupdate.rar
  ysyupdate.rar:Zone.Identifier
    [0] Archive type: RAR
    --> conime17.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.eat
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime1.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime2.exe
        [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime3.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime4.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dbw
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime5.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime7.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dxy.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime6.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime8.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime9.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime10.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime11.exe
        [DETECTION] Is the Trojan horse TR/PSW.Wow.YM.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime12.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dxz.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime13.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dxq
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime14.exe
        [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime15.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> conime16.exe
        [DETECTION] Is the Trojan horse TR/PSW.Wow.YM.2
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!


End of the scan: 2007年10月11日  23:49
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
     20 Files were scanned
     18 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
     18 Warnings
      0 Notes
The EQs
Posted on 2007-10-12 14:50:08

15 detected.

C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime17.exe - probably a variant of Win32/TrojanDownloader.Flux trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime1.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime2.exe - Win32/AutoRun.BH worm
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime4.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime5.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime7.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime6.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime8.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime9.exe - Win32/PSW.OnLineGames.DXP trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime12.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime13.exe - Win32/PSW.OnLineGames.DXQ trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime14.exe - Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime15.exe - probably unknown NewHeur_PE virus
C:\Documents and Settings\Don johnson\桌面\ysyupdate.rar » RAR » conime16.exe - Win32/PSW.OnLineGames.NFK trojan
红心王子
Posted on 2007-10-12 14:53:43
Avast: 14.

2007-10-12        14:53:10        1192171990        Administrator        3680        Sign of "Win32:Agent-LWQ [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime17.exe\[NsPack]\[Embedded#04010]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Delf-FZG [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime2.exe\[UPX]\[Embedded#060f8]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime4.exe\[UPX]\[Embedded#2060]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime5.exe\[UPX]\[Embedded#2060]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime7.exe\[UPX]\[Embedded#1e60]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime6.exe\[UPX]\[Embedded#2060]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Onlinegames-BBU [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime8.exe\[UPX]\[Embedded#1e60]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Onlinegames-AUT [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime9.exe\[Upack]\[Embedded#5090]\[Upack]" file.  
2007-10-12        14:53:13        1192171993        Administrator        3680        Sign of "Win32:Onlinegames-BBH [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime10.exe\[Upack]\[Embedded#5090]\[Upack]" file.  
2007-10-12        14:53:14        1192171994        Administrator        3680        Sign of "Win32:Onlinegames-BEG [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime11.exe\[Upack]\[Embedded#5090]\[Upack]" file.  
2007-10-12        14:53:14        1192171994        Administrator        3680        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime12.exe\[UPX]\[Embedded#1e60]" file.  
2007-10-12        14:53:14        1192171994        Administrator        3680        Sign of "Win32:Onlinegames-BBH [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime13.exe\[Upack]\[Embedded#5090]\[Upack]" file.  
2007-10-12        14:53:14        1192171994        Administrator        3680        Sign of "Win32:Onlinegames-ALS [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime14.exe\[ASPack]\[Embedded#ABCDE]" file.  
2007-10-12        14:53:14        1192171994        Administrator        3680        Sign of "Win32:Onlinegames-AUU [Trj]" has been found in "D:\Downloads\ysyupdate.rar\conime16.exe\[Upack]\[Embedded#5090]\[Upack]" file.
wangjay1980
Posted on 2007-10-12 14:56:09
deleted: virus Worm.Win32.Downloader.b        File: C:\Documents and Settings\Owner\×ÀÃæ\ysydown.rar/ysydown.exe//PE_Patch//UPack
wangjay1980
Posted on 2007-10-12 14:57:14
17
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime17.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxx        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eyu        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime1.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.agr        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime2.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dbw        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime4.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dok        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime5.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxy        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime7.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.doj        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime6.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Proxy.Win32.Pixoliz.lk        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime8.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime9.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eqy        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime10.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime11.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxz        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime12.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime13.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czg        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime14.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bnl        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime15.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\×ÀÃæ\ysyupdate.rar/conime16.exe
yu88480
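Original poster | Posted on 2007-10-12 16:03:27
I don't understand post #5. What is that you posted? Is it the source code of the website I posted? Please explain!

[ Last edited by yu88480 on 2007-10-12 16:40 ]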
a256886572008
Posted on 2007-10-12 18:26:52

Reply to yu88480's post #18

It's the source code.

But I only caught 1!

That one goes on to download 18.
29159011
Posted on 2007-10-12 18:33:01
Opened it with IE7: no reaction. An add-on prompt popped up; I ran the add-on, still no reaction.
Copyright © KaFan  KaFan.cn All Rights Reserved.
