已经弄明白了，请版主删贴

颜正强

往事不諫 发表于 29.5.2013 15:09
等图 windows误报的概率很高 自己也是个筛子

知识浅薄，见笑了

燕雀鸿鹄

现在网页挂马，太难了。

颜正强

这是这个病毒说明：
http://www.microsoft.com/securit ... %3AJS%2FIframeRef.K

Malware Protection Center

Home > Learn more about malware > Research Trojan:JS/IframeRef.K   
  
Trojan:JS/IframeRef.K (?)

Encyclopedia entry
Updated: Mar 27, 2013  |  Published: Mar 15, 2013

Aliases


Mal/Iframe-AL (Sophos)
Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.145.1905.0
Released: Mar 15, 2013  


--------------------------------------------------------------------------------

On this page
Summary|Symptoms|Technical Information|Prevention|Recovery




--------------------------------------------------------------------------------


Summary
Trojan:JS/IframeRef.K is a specially formed IFrame that links out to another website that contains other malware.

An IFrame is an HTML document that is embedded in another HTML document.


Top

--------------------------------------------------------------------------------


Symptoms
There are no common symptoms associated with this threat - links are activated within IFrames while viewing web content on maliciously modified pages. Alert notifications from installed antivirus software may be the only symptoms.


Top

--------------------------------------------------------------------------------


Technical Information (Analysis)
Trojan:JS/IframeRef.K is a specially formed IFrame tag that points to websites containing malicious content, for example malicious JavaScript that exploits a specific vulnerability.

In the wild , Trojant:JS/IframeRef.K redirects browsers to certain URLs in the following servers:

•129.121.133.150
•149.47.243.178
•157.14.29.12
•173.233.134.145
•178.73.226.20
•193.235.141.4
•199.204.209.178
•209.126.248.211
•64.247.184.248
•65.39.246.9
•65.75.175.62
•69.89.4.114
•69.90.113.92
•80.248.238.222
These servers cannot be reached as of this writing.

Analysis by Horea Coroiu


Top

--------------------------------------------------------------------------------


Prevention
Take these steps to help prevent infection on your computer.


Top

--------------------------------------------------------------------------------


Recovery
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

•Microsoft Security Essentials or, for Windows 8, Windows Defender
•Microsoft Safety Scanner

Top  
   

   
Provide feedback

往事不諫

刚刚看了说明 其实不是病毒 只是风险程序而已 而且我觉得和视频flash什么的完全无关 估计你点到广告了

颜正强

往事不諫 发表于 29.5.2013 15:37
刚刚看了说明 其实不是病毒 只是风险程序而已 而且我觉得和视频flash什么的完全无关 估计你点到广告了 ...

谢谢
这次是没看到flash，我还整页翻了下，没有flash
也没有点广告

微软病毒说明说病毒警告等级是严重

往事不諫

颜正强 发表于 29.5.2013 14:42
谢谢
这次是没看到flash，我还整页翻了下，没有flash
也没有点广告

js腳本 位置是IE緩存 沒多大的事 因為緩存會定期刪 而且也是常見木馬 也沒激活
關於嚴重等級 這個是利用微軟漏洞的 所以等級是嚴重 沒辦法漏洞太多 除了殺毒 lz每天讓windows打補丁就好了

颜正强

往事不諫 发表于 29.5.2013 15:49
js腳本 位置是IE緩存 沒多大的事 因為緩存會定期刪 而且也是常見木馬 也沒激活
關於嚴重等級 這個是利用 ...

多谢解释和建议
我会去试试的
真贴心，谢谢mm

往事不諫

颜正强 发表于 29.5.2013 14:52
多谢解释和建议
我会去试试的
真贴心，谢谢mm

開著自動更新就好了 或者覺得有風險的網頁就用ios系統的終端看

颜正强

往事不諫 发表于 29.5.2013 15:56
開著自動更新就好了 或者覺得有風險的網頁就用ios系統的終端看

我电脑只有windows的，木有ios的
嗯，自动更新看来是必须的

往事不諫

颜正强 发表于 29.5.2013 15:00
我电脑只有windows的，木有ios的
嗯，自动更新看来是必须的

難得你平時不更新？