查看: 3962|回复: 11
收起左侧

[已鉴定] ========================3个可疑网站===========================

 关闭 [复制链接]
lanvin
发表于 2008-7-27 18:51:24 | 显示全部楼层 |阅读模式
hxxp://www.jsahvc.edu.cn/xsk/index.asp
hxxp://v.freefl.info/f/ilink.html
hxxp://games.enet.com.cn/download/D1020031119002.html

感谢百战百胜友情提供
kkgh
发表于 2008-7-27 19:03:17 | 显示全部楼层
费尔全部拦截
huai168an
发表于 2008-7-27 19:12:14 | 显示全部楼层
第一个
22.jpg

第二个无法打开

第三个
23.jpg

第一和第三就是UUSE和微软的access的漏洞溢出攻击

[ 本帖最后由 huai168an 于 2008-7-27 19:14 编辑 ]
ck893210
发表于 2008-7-27 19:42:01 | 显示全部楼层
[oo]
t1=20080723
e1=http://www.intaroo.net/sa01.exe
t2=20080723
e2=http://www.intaroo.net/sa02.exe
t3=20080723
e3=http://www.intaroo.net/sa03.exe
t4=20080723
e4=http://www.intaroo.net/sa04.exe
t5=20080723
e5=http://www.intaroo.net/sa05.exe
t6=20080723
e6=http://www.intaroo.net/sa06.exe
t7=20080723
e7=http://www.intaroo.net/sa07.exe
t8=20080723
e8=http://www.intaroo.net/sa08.exe
t9=20080723
e9=http://www.intaroo.net/sa09.exe
t10=20080723
e10=http://www.intaroo.net/sa10.exe
t11=20080723
e11=http://www.intaroo.net/sa11.exe
t12=20080723
e12=http://www.intaroo.net/sa12.exe
t13=20080723
e13=http://www.intaroo.net/sa13.exe
t14=20080723
e14=http://www.intaroo.net/sa14.exe
t15=20080723
e15=http://www.intaroo.net/sa15.exe
t16=20080723
e16=http://www.intaroo.net/sa16.exe
t17=20080723
e17=http://www.intaroo.net/sa17.exe
t18=20080723
e18=http://www.intaroo.net/sa18.exe
t19=20080723
e19=http://www.intaroo.net/sa19.exe
t20=20080723
e20=http://www.intaroo.net/sa20.exe
t21=20080723
e21=http://www.intaroo.net/sa21.exe
t22=20080723
e22=http://www.intaroo.net/sa22.exe
t23=20080723
e23=http://www.intaroo.net/sa23.exe
t24=20080723
e24=http://www.intaroo.net/sa24.exe
t25=20080723
e25=http://www.intaroo.net/sa25.exe
t26=20080723
e26=http://www.intaroo.net/sa26.exe
t27=20080723
e27=http://www.intaroo.net/sa27.exe
t28=20080723
e28=http://www.intaroo.net/sa28.exe
t29=20080723
e29=http://www.intaroo.net/sa29.exe
t30=20080723
e30=http://www.intaroo.net/sa30.exe
t31=20080723
e31=http://www.intaroo.net/mz.exe
BING126
头像被屏蔽
发表于 2008-7-27 20:00:58 | 显示全部楼层
McAfee监控报了第二个地址  JS/Exploit-BO
lsyer
发表于 2008-7-27 20:01:07 | 显示全部楼层

回复 6楼 ck893210 的帖子

C:\Documents and Settings\Administrator\桌面\jss02.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Agent.vro Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss03.exe'
C:\Documents and Settings\Administrator\桌面\jss03.exe
      [DETECTION] Is the TR/PSW.Online.Osh.2 Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss04.exe'
C:\Documents and Settings\Administrator\桌面\jss04.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss05.exe'
C:\Documents and Settings\Administrator\桌面\jss05.exe
      [DETECTION] Is the TR/PSW.Online.bin Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss06.exe'
C:\Documents and Settings\Administrator\桌面\jss06.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss09.exe'
C:\Documents and Settings\Administrator\桌面\jss09.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss08.exe'
C:\Documents and Settings\Administrator\桌面\jss08.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss01.exe'
C:\Documents and Settings\Administrator\桌面\jss01.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss07.exe'
C:\Documents and Settings\Administrator\桌面\jss07.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss10.exe'
C:\Documents and Settings\Administrator\桌面\jss10.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss11.exe'
C:\Documents and Settings\Administrator\桌面\jss11.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss12.exe'
C:\Documents and Settings\Administrator\桌面\jss12.exe
      [DETECTION] Is the TR/PSW.OnLineGa.aqq Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss13.exe'
C:\Documents and Settings\Administrator\桌面\jss13.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss14.exe'
C:\Documents and Settings\Administrator\桌面\jss14.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss15.exe'
C:\Documents and Settings\Administrator\桌面\jss15.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss16.exe'
C:\Documents and Settings\Administrator\桌面\jss16.exe
      [DETECTION] Is the TR/PSW.OnLin.aklo.2 Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss17.exe'
C:\Documents and Settings\Administrator\桌面\jss17.exe
      [DETECTION] Is the TR/Spy.Agent.dhh Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss18.exe'
C:\Documents and Settings\Administrator\桌面\jss18.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss19.exe'
C:\Documents and Settings\Administrator\桌面\jss19.exe
      [DETECTION] Is the TR/PSW.OnL.BJ.24576 Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss20.exe'
C:\Documents and Settings\Administrator\桌面\jss20.exe
    [DETECTION] Is the TR/PSW.OnlineGames.YYE.8 Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss21.exe'
C:\Documents and Settings\Administrator\桌面\jss21.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss22.exe'
C:\Documents and Settings\Administrator\桌面\jss22.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss23.exe'
C:\Documents and Settings\Administrator\桌面\jss23.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss24.exe'
C:\Documents and Settings\Administrator\桌面\jss24.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss25.exe'
C:\Documents and Settings\Administrator\桌面\jss25.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss26.exe'
C:\Documents and Settings\Administrator\桌面\jss26.exe
      [DETECTION] Is the TR/PSW.OnL.BJ.24576 Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss27.exe'
C:\Documents and Settings\Administrator\桌面\jss27.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss28.exe'
C:\Documents and Settings\Administrator\桌面\jss28.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss29.exe'
C:\Documents and Settings\Administrator\桌面\jss29.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss30.exe'
C:\Documents and Settings\Administrator\桌面\jss30.exe
      [DETECTION] Is the TR/PSW.Online.tdy Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss31.exe'
C:\Documents and Settings\Administrator\桌面\jss31.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss32.exe'
C:\Documents and Settings\Administrator\桌面\jss32.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss33.exe'
C:\Documents and Settings\Administrator\桌面\jss33.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss34.exe'
C:\Documents and Settings\Administrator\桌面\jss34.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\jss35.exe'
C:\Documents and Settings\Administrator\桌面\jss35.exe
      [DETECTION] Is the TR/Undef.I Trojan
    [NOTE]      The file was deleted!
wangjay1980
发表于 2008-7-27 21:42:46 | 显示全部楼层
老东西
woai_jolin
发表于 2008-7-28 01:11:12 | 显示全部楼层
2008-7-28 1:10:59        Kernel        File  'G:\v\sw.exe' was sent to ESET for analysis.
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-15 10:35 , Processed in 0.149081 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表