瑞星卡卡安全论坛

访问地址：http://shguangcai.cn/tt/5.htm
访问网页的进程："D:\program files\Tencent\TT\bin\TTraveler.exe"
病毒名称：Suspicious.ShellCode.Exploit

和

访问地址：http://shguangcai.cn/tt/0.htm
访问网页的进程："D:\program files\Tencent\TT\bin\TTraveler.exe"
病毒名称：Suspicious.Trojan-Downloader.Unescape.ShellCode.b


请问怎么解决，谢谢！




用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; CIBA)

请问问题出在哪里，是本地机器，还是服务器？

http://www.kztechs.com/sreng/download.html下载sreng
运行它，智能扫描——保存日志——以附件形式上传

压缩D:\program files\Tencent\TT\bin\TTraveler.exe
发上来
没事这个网站被挂马
别的可以访问
就是别访问

http://shguangcai.cn/tt/XXXXXXX.htm
好像是USP10.DLL

据我测试
都带毒

这个被挂马的网站是我的网站，我怎样才能把这个网站恢复正常，谢谢！

是自己的服务器还是别人的？
http://shguangcai.cn/tt/
管理找到你网站的这个路径
然后没用的XXX.htm删除之

先谢谢你的回复！
请问以附件形式上传是什么意思，是上传到服务器上面吗？具体在哪个文件夹下？

回复，是租用EDONG的空间

上传到这论坛（中毒的机子的日志）

那进入管理把http://shguangcai.cn/tt/里没用的东西删了

我网站的域名是qpvv.com,我有最新版瑞星杀过本地机器，但没发现有毒，但访问qpvv.com瑞星就跳出以上两段提示

得找那网页代码

那网页代码后台下载其他地方的病毒文件

并不是病毒文件存在与你那网页内

所以杀毒是没用的

至于代码是什么，我不会:default3:

自动跳出来







2009-01-31 11:01:06 http://shguangcai.cn/tt/5.htm Internet Explorer 拒绝: HEUR:Exploit.Script.Generic 
2009-01-31 11:01:06 http://shguangcai.cn/tt/5.htm Internet Explorer 检测到威胁: HEUR:Exploit.Script.Generic 
2009-01-31 11:00:43 http://qpvv.com/images/upfile/2006112613053137562.gif Internet Explorer 良好 
2009-01-31 11:00:43 http://qpvv.com/images/upfile/2006112610515166896.gif Internet Explorer 良好 
2009-01-31 11:00:43 http://qpvv.com/ Internet Explorer 良好 
2009-01-31 11:00:42 http://qpvv.com/images/upfile/2006120112343144149.gif Internet Explorer 良好 
2009-01-31 11:00:42 http://qpvv.com/images/upfile/2006112910145345280.gif Internet Explorer 良好 
2009-01-31 11:00:42 http://qpvv.com/images/upfile/2006112612353158421.gif Internet Explorer 良好 
2009-01-31 11:00:42 http://qpvv.com/images/upfile/2006120113021413715.gif Internet Explorer 良好 
2009-01-31 11:00:42 http://qpvv.com/images/upfile/2006120112080831281.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112616121259913.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112611531429382.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112611473068913.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612005841820.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612085817076.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612230139515.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612510294065.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612155626972.gif Internet Explorer 良好 
2009-01-31 11:00:41 http://qpvv.com/images/upfile/2006112612280933919.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112612400354759.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112612555887392.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112616042616268.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006120517015747086.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112615491781966.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112615435483009.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112614360459674.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613115830846.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613294144084.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613345854216.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613453217486.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613420561661.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613594156085.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112613533950552.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112614160244764.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112616232665932.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112614314420600.gif Internet Explorer 良好 
2009-01-31 11:00:40 http://qpvv.com/images/upfile/2006112818483521440.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616184779350.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112814202530868.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616395439378.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616345672775.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616532139404.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616450294998.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006123010044883679.jpg Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616502762628.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112616564683169.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112617215288133.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112617251172620.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2007010914412342932.jpg Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112617285613498.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006120612253359466.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006120612295336666.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112814365933340.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2007012411120549759.jpg Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006112816320648818.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2007011709591812939.jpg Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2006120112195673621.gif Internet Explorer 良好 
2009-01-31 11:00:38 http://qpvv.com/images/upfile/2007020715024977253.jpg Internet Explorer 良好 
2009-01-31 11:00:38 http://activex.microsoft.com/objects/ocget.dll Internet Explorer 良好 
2009-01-31 11:00:37 [url=http://qpvv.com/[5]http://qpvv.com/[5[/url]] Internet Explorer 良好 
2009-01-31 11:00:37 [url=http://qpvv.com/[4]http://qpvv.com/[4[/url]] Internet Explorer 良好 
2009-01-31 11:00:37 [url=http://qpvv.com/[3]http://qpvv.com/[3[/url]] Internet Explorer 良好 
2009-01-31 11:00:37 [url=http://qpvv.com/[2]http://qpvv.com/[2[/url]] Internet Explorer 良好 
2009-01-31 11:00:37 [url=http://qpvv.com/[1]http://qpvv.com/[1[/url]] Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2006120612295336666.gif Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2006123010044883679.jpg Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2007010914412342932.jpg Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2007011709591812939.jpg Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2007012411120549759.jpg Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2007020715024977253.jpg Internet Explorer 良好 
2009-01-31 11:00:37 http://shguangcai.cn/tt/5.htm Internet Explorer 良好 
2009-01-31 11:00:37 http://qpvv.com/images/upfile/2006121811043561473.jpg Internet Explorer 良好 
2009-01-31 11:00:36 [url=http://qpvv.com/[4]http://qpvv.com/[4[/url]] Internet Explorer 良好 
2009-01-31 11:00:36 [url=http://qpvv.com/[3]http://qpvv.com/[3[/url]] Internet Explorer 良好 
2009-01-31 11:00:36 [url=http://qpvv.com/[2]http://qpvv.com/[2[/url]] Internet Explorer 良好 
2009-01-31 11:00:36 [url=http://qpvv.com/[1]http://qpvv.com/[1[/url]] Internet Explorer 良好 
2009-01-31 11:00:36 http://qpvv.com/images/upfile/2006121811043561473.jpg Internet Explorer 良好 
2009-01-31 11:00:36 http://shguangcai.cn/tt/office.htm Internet Explorer 良好 
2009-01-31 11:00:35 http://shguangcai.cn/tt/WIN%2010,0,12,36i.swf Internet Explorer 良好 
2009-01-31 11:00:35 [url=http://qpvv.com/[1]http://qpvv.com/[1[/url]] Internet Explorer 良好 
2009-01-31 11:00:35 [url=http://qpvv.com/[1]http://qpvv.com/[1[/url]] Internet Explorer 良好 
2009-01-31 11:00:35 [url=http://qpvv.com/[1]http://qpvv.com/[1[/url]] Internet Explorer 良好 
2009-01-31 11:00:35 http://qpvv.com/ Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/upfile/2006122515021158257.gif Internet Explorer 良好 
2009-01-31 11:00:34 [url=http://qpvv.com/[2]http://qpvv.com/[2[/url]] Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/upfile/2006121311253490758.gif Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/upfile/2007011510411329828.gif Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/upfile/2006122514555828009.gif Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/upfile/2007030620433084231.jpg Internet Explorer 良好 
2009-01-31 11:00:34 [url=http://qpvv.com/[7]http://qpvv.com/[7[/url]] Internet Explorer 良好 
2009-01-31 11:00:34 http://js.tongji.cn.yahoo.com/806392/ystat.js Internet Explorer 良好 
2009-01-31 11:00:34 http://qpvv.com/images/bj.gif Internet Explorer 良好 
2009-01-31 11:00:33 [url=http://qpvv.com/[6]http://qpvv.com/[6[/url]] Internet Explorer 良好 
2009-01-31 11:00:33 [url=http://qpvv.com/[5]http://qpvv.com/[5[/url]] Internet Explorer 良好 
2009-01-31 11:00:33 [url=http://qpvv.com/[4]http://qpvv.com/[4[/url]] Internet Explorer 良好 
2009-01-31 11:00:33 [url=http://qpvv.com/[3]http://qpvv.com/[3[/url]] Internet Explorer 良好 
2009-01-31 11:00:33 http://qpvv.com/popmenu.js Internet Explorer 良好 
2009-01-31 11:00:33 http://qpvv.com/images/upfile/2006112004043390289.gif Internet Explorer 良好 
2009-01-31 11:00:33 [url=http://qpvv.com/[2]http://qpvv.com/[2[/url]] Internet Explorer 良好 
2009-01-31 11:00:33 http://qpvv.com/images/index.css Internet Explorer 良好 
2009-01-31 11:00:31 http://activex.microsoft.com/objects/ocget.dll Internet Explorer 良好 
2009-01-31 11:00:31 http://shguangcai.cn/tt/WIN%2010,0,12,36i.swf Internet Explorer 良好

网站是你的那 应该有管理员了
不用扫sreng日志

我们的管理员就是EDONG，一般的技术问题问他们，但他们这次说服务器正常，好象也没什么办法，所以来这儿请教了

我现在想知道的是我应该怎么办，具体怎么做？谢谢各位高手！！！

你让管理访问下 http://shguangcai.cn/tt/5.htm

我刚才看了那个源代码
MS也正常
这里的懂代码的很少:kaka6:
建议到一个网站维护的论坛:default8:

咋办啊？？

防问下：http://shguangcai.cn/tt/5.htm ？？

这个不是病毒网站吗？访问会不会有危险

让你的管理用杀毒软件或防火墙访问下
如果报毒他应该知道怎么办

哦，谢谢你了！！

可以试试附件清除
http://shguangcai.cn/tt/5.htm
http://shguangcai.cn/tt/5.htm

附件: 网页感染清除精灵1.1.rar

那个清除精灵怎么用，需要上传吗