此网站可使遨游瞬间崩溃！卡巴报溢出！大家分析下。

kuririn

抓到一隻 svchost.exe

29159011

那个样本
程序:
D:\客户端\YSYDOWN\YSYDOWN.EXE
木马程序生成以下文件:
1) C:\WINDOWS\SVCHOST.EXE
是否删除木马程序及其衍生物?

micetai

NIS2008 进网站就有报警
样本分别扫出1个和13个
Unresolved Threats:
W32.Dasher.G
Virus ID: 39726
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[ysydown.exe] inside of [c:\users\m\desktop\ysydown.rar] - Infected

Unresolved Threats:
Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


W32.Gammima.AG
Virus ID: 40928
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime2.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Trojan Horse
Virus ID: 25464
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime4.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime5.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime7.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime6.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime8.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime9.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime10.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime12.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime14.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime15.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected


Infostealer.Gampass
Virus ID: 40673
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
  Categories: Virus
State: Remove Failed
-----------
1 File
[conime16.exe] inside of [c:\users\m\desktop\ysyupdate.rar] - Infected

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Backdoor.Win32.Agent.yjy

MAC地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：19.44.42

qigang

原帖由 <i>a256886572008</i> 于 2007-10-12 14:41 发表 <a href="http://bbs.kafan.cn/redirect.php?goto=findpost&pid=1879889&ptid=142459" target="_blank"><img src="http://bbs.kafan.cn/images/common/back.gif" border="0" onclick="zoom(this)" onload="attachimg(this, 'load')" alt="" /></a><br />
下載了18隻<img src="images/smilies/default/8.gif" smilieid="8" border="0" alt="" />

<br />



瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.OnlineGames.zpn
病毒： Trojan.PSW.Win32.QQPass.ysy
病毒： Trojan.PSW.Win32.OnlineGames.ysv
病毒： Trojan.PSW.Win32.Shanda.aa
病毒： Trojan.PSW.Win32.XYOnline.lk
病毒： Trojan.PSW.Win32.Shanda.ab
病毒： Trojan.PSW.Win32.OnlineGames.zro
病毒： Trojan.PSW.Win32.OnlineGames.dxp
病毒： Trojan.PSW.Win32.LMir.ywz
病毒： Trojan.PSW.Win32.DJOnline.i
病毒： Trojan.PSW.Win32.OnlineGames.dxz
病毒： Trojan.PSW.Win32.OnlineGames.dxq
病毒： Trojan.PSW.Win32.Shanda.w
病毒： Trojan.PSW.Win32.OnlineGames.zof

MAC地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：19.44.42

Redevil

看图

xiaohf

偶用遨游，杀毒用微点
进去了没事
也没报毒


不用光驱从硬盘装系统详解

yu88480

26楼斑竹用遨游2难道没有崩溃退出？那我的遨游怎么1.62在网站还没完全打开就瞬间关闭了！～

xqiafl

怪事了，希望用遨游的朋友能帮我证实下，谢谢！

使用遨游, 可以拦截IFRAME.框架的.  不过,就是要自定义下子!

yu88480

原帖由 xqiafl 于 2007-10-12 21:58 发表


使用遨游, 可以拦截IFRAME.框架的.  不过,就是要自定义下子!

哦，讲详细点。