Forum Tibia.pl - Zobacz pojedynczy post - Uwaga na wirusy na forum! (Poradnik idiot-friendly)

Cashis · 21-01-2007, 20:59

Bloodhound.Exploit.56
Risk Level 1: Very Low
Discovered: December 27, 2005
Updated: February 10, 2006 02:47:15 PM ZW3
Type: Trojan Horse, Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows Server 2003, Windows XP

Note: Bloodhound.Exploit.56 is designed to identify behavior that would occur if the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability (as described in Microsoft Security Bulletin MS06-001) is exploited. As Symantec becomes aware of changes to the exploit code, or if files are identified that trigger this detection but are not malicious, the detection is refined. It is important to keep your definitions up to date to ensure the most complete protection.

Tutaj mamy strony na ktorych wykryto naszego robaczka:
[http://]h0nest.org/[REMOVED]/12***** (IP address 195.0.210.192)
[http://]kube.isa-geek.com/[REMOVED]/wen/up***** (IP address not found)
[http://]charmedmadgic.free.fr/[REMOVED]/sdbot05b.jpg (IP address 212.27.63.117)
[http://]69.50.171.122/[REMOVED]/test1.php
[http://]www.jerrynews.com/[REMOVED]/calc***** (IP address 211.100.26.169)
[http://]apperception.biz/[REMOVED]/main***** (IP address 66.226.64.19)
[http://]apperception.biz/[REMOVED]/calc***** (IP address 66.226.64.19)
[http://]sploso.com/[REMOVED]/starter2***** (IP address 72.5.54.36)
[ftp://]x.www2.ninoa.com/[REMOVED]/pub/ied***** (IP address 205.177.28.180)
[ftp://]x.www2.ninoa.com/[REMOVED]/pub/epl***** (IP address 205.177.28.180)
[http://]www.freecat.biz/[REMOVED]/tr/pawn005***** (IP address not found)
[http://]www.freecat.biz/[REMOVED]/tr/pawn002***** (IP address not found)
[http://]fullchain.net/[REMOVED]/apa/dex***** (IP address 192.225.177.21)
[http://]235.regvista.com/[REMOVED]/liveupdate***** (IP address 85.255.115.197)
[http://]fiv.bestswf.com/[REMOVED]/zob***** (IP address 62.214.98.56)
[http://]imkportedoor.com/[REMOVED]/images/ny.wmf
[http://]www.studiolacase.com/[REMOVED]/images/msits*****
[http://]123greetings.2mydns.com/[REMOVED]/up*****
hunggar.info/[REMOVED]/e*****
card.twbbs.biz/[REMOVED]/up*****
tftp â€“i 86.135.149.130 GET h1*****
[http://]luckyboy2000.go2.icpcn.com/[REMOVED]/1230*****
[http://]expl.us/[REMOVED]/web*****
[http://]expl.us/[REMOVED]/bin/file1*****
[http://]regtop.info/[REMOVED]/tur*****
[ftp://]66.235.203.27/[REMOVED]/chezz*****
[http://]bluefade.net/[REMOVED]/c*****
196.regvista.com/[REMOVED]/liveupdate*****
[http://]n.s.x.northclicks.net/[REMOVED]/ctr.jpg
[http://]www.11511.com/imgs/ad/[REMOVED]/3721/a*****
[http://]1800-search.com/[REMOVED]/as*****
[http://]warehouse.deptos.com.mx/[REMOVED]/m*****
Tutaj link, gdzie wylaczasz [IMG] na wszelki wypadek jakby ktos niewiedzial =)
http://forum.tibia.pl/profile.php?do=editoptions

Tyle o naszym exploicie =)
@topic
Dobry pomysl z tym poradnikiem, Gz. Ale czy ktos w XXI w. nie uzywa firewalli/antywirusow?

Pzdr. Ca$his.

21-01-2007, 20:59	#28
Cashis Użytkownik forum Data dołączenia: 07 01 2007 Lokacja: Katowice Posty: 7 Stan: Na Emeryturze Imię: Karderoc Ryuthidar Profesja: Sorcerer Gildia: -=brak=- Świat: Celesta Poziom: 37	Bloodhound.Exploit.56 Risk Level 1: Very Low Discovered: December 27, 2005 Updated: February 10, 2006 02:47:15 PM ZW3 Type: Trojan Horse, Worm Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows Server 2003, Windows XP Note: Bloodhound.Exploit.56 is designed to identify behavior that would occur if the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability (as described in Microsoft Security Bulletin MS06-001) is exploited. As Symantec becomes aware of changes to the exploit code, or if files are identified that trigger this detection but are not malicious, the detection is refined. It is important to keep your definitions up to date to ensure the most complete protection. Tutaj mamy strony na ktorych wykryto naszego robaczka: [http://]h0nest.org/[REMOVED]/12*** (IP address 195.0.210.192) [http://]kube.isa-geek.com/[REMOVED]/wen/up* (IP address not found) [http://]charmedmadgic.free.fr/[REMOVED]/sdbot05b.jpg (IP address 212.27.63.117) [http://]69.50.171.122/[REMOVED]/test1.php [http://]www.jerrynews.com/[REMOVED]/calc* (IP address 211.100.26.169) [http://]apperception.biz/[REMOVED]/main* (IP address 66.226.64.19) [http://]apperception.biz/[REMOVED]/calc* (IP address 66.226.64.19) [http://]sploso.com/[REMOVED]/starter2* (IP address 72.5.54.36) [ftp://]x.www2.ninoa.com/[REMOVED]/pub/ied* (IP address 205.177.28.180) [ftp://]x.www2.ninoa.com/[REMOVED]/pub/epl* (IP address 205.177.28.180) [http://]www.freecat.biz/[REMOVED]/tr/pawn005* (IP address not found) [http://]www.freecat.biz/[REMOVED]/tr/pawn002* (IP address not found) [http://]fullchain.net/[REMOVED]/apa/dex* (IP address 192.225.177.21) [http://]235.regvista.com/[REMOVED]/liveupdate* (IP address 85.255.115.197) [http://]fiv.bestswf.com/[REMOVED]/zob* (IP address 62.214.98.56) [http://]imkportedoor.com/[REMOVED]/images/ny.wmf [http://]www.studiolacase.com/[REMOVED]/images/msits* [http://]123greetings.2mydns.com/[REMOVED]/up* hunggar.info/[REMOVED]/e* card.twbbs.biz/[REMOVED]/up* tftp â€“i 86.135.149.130 GET h1* [http://]luckyboy2000.go2.icpcn.com/[REMOVED]/1230* [http://]expl.us/[REMOVED]/web* [http://]expl.us/[REMOVED]/bin/file1* [http://]regtop.info/[REMOVED]/tur* [ftp://]66.235.203.27/[REMOVED]/chezz* [http://]bluefade.net/[REMOVED]/c* 196.regvista.com/[REMOVED]/liveupdate* [http://]n.s.x.northclicks.net/[REMOVED]/ctr.jpg [http://]www.11511.com/imgs/ad/[REMOVED]/3721/a* [http://]1800-search.com/[REMOVED]/as* [http://]warehouse.deptos.com.mx/[REMOVED]/m*** Tutaj link, gdzie wylaczasz [IMG] na wszelki wypadek jakby ktos niewiedzial =) http://forum.tibia.pl/profile.php?do=editoptions Tyle o naszym exploicie =) @topic Dobry pomysl z tym poradnikiem, Gz. Ale czy ktos w XXI w. nie uzywa firewalli/antywirusow? Pzdr. Ca$his. Ostatnio edytowany przez Cashis - 21-01-2007 o 21:05.