| View previous topic :: View next topic |
| Author |
Message |
malwaremanmal
Cadet
Joined: Mar 15, 2007
Posts: 8
|
 Posted: Sat Mar 31, 2007 7:00 pm Post subject: Malwaremanmal Links 03-31-2007 |
|
|
"...Wow wasn't that bad..."
| Quote: | h-ttp://www.any-video-converter.com/any-video-converter.exe
h-ttp://www.bigorangecouch.com/modules/news/images/mensagem.scr
h-ttp://dvdsvideos.net/download/dvdsvideos1186.exe
h-ttp://www.playmore.biz/SUpdate.exe
h-ttp://www.playmore.biz/pop/tialla.exe
h-ttp://www.preferiti-windows.com/engine/Epson-Stylus.exe
h-ttp://www.preferiti-windows.com/engine/FotoPorno.exe
h-ttp://www.preferiti-windows.com/LinkShare.exe
h-ttp://www.preferiti-windows.com/engine/PrefWin.exe
h-ttp://www.sfonditalia.biz/dialers/1684/AUTO_1684_N.exe
h-ttp://www.sgrunt.biz/dialere.exe
h-ttp://www.sgrunt.biz/uninstall/uninstall.exe
h-ttp://www.jtreeproperties.com/loader/loader.exe
h-ttp://www.jtreeproperties.com/loader/zar.exe
h-ttp://55880.cn/template/basic/gg.exe
h-ttp://55880.cn/template/basic/gm.exe
h-ttp://55880.cn/template/basic/sj.exe
h-ttp://www.f0.com.cn/kaili.exe
h-ttp://sky.cn3721.org/skydown.exe
h-ttp://a001.cn3721.org/a001.exe
h-ttp://a003.cn3721.org/a001.exe
h-ttp://a001.cn3721.org/a002.exe
h-ttp://a002.cn3721.org/a002.exe
h-ttp://a003.cn3721.org/a002.exe
h-ttp://a001.cn3721.org/a003.exe
h-ttp://a003.cn3721.org/a003.exe
h-ttp://a001.cn3721.org/kill.exe
h-ttp://a003.cn3721.org/kill.exe
h-ttp://www.6828teacup.com/bbs/ro.exe
h-ttp://www.6828teacup.com/randvr/ro.exe
h-ttp://www.aaa-livedoor.net/ro-navi/yan.exe
h-ttp://www.acyberhome.com/link/server.exe
h-ttp://www.chinacainiao.org/test.exe
h-ttp://www.cityhokkai.com/games/look.exe
h-ttp://www.cityhokkai.com/games/server.exe
h-ttp://www.cityhokkai.com/links/look.exe
h-ttp://www.cityhokkai.com/links/server.exe
h-ttp://www.conecojp.net/online/jpt1.exe
h-ttp://www.geocitylinks.com/links/server.exe
h-ttp://www.grandchasse.com/caink/laot1.exe
h-ttp://www.cityhokkai.com/links/look.exe
h-ttp://www.fanavier.net/games/server.exe
h-ttp://www.ffxiforums.net/1.exe
h-ttp://www.game-fc2blog.com/bink/t1.exe
h-ttp://www.game-fc2blog.com/bink/t2.exe
h-ttp://www.game-fc2blog.com/nairmt/ro.exe
h-ttp://www.game-fc2blog.com/guiink/xiaro.exe
h-ttp://www.gameurdr.com/bink/t1.exe
h-ttp://www.gameurdr.com/bink/t2.exe
h-ttp://www.gameurdr.com/caink/t1.exe
h-ttp://www.gameurdr.com/caink/laot1.exe
h-ttp://www.gameurdr.com/nairmt/ro.exe
h-ttp://www.geocitylinks.com/links/server.exe
h-ttp://www.getamped-garm.com/guiink/xiaro.exe
h-ttp://www.goodclup.com/41516-1/tt.exe
h-ttp://www.goodclup.com/caiink/laot1.exe
h-ttp://www.goodclup.com/caiink/t1.exe
h-ttp://www.goodclup.com/canlink/canro.exe
h-ttp://www.goodclup.com/guilink/xiaro.exe
h-ttp://www.goodclup.com/hei/ro.exe
h-ttp://www.goodclup.com/juanlink/ro.exe
h-ttp://www.jprmthome.com/yan.exe
h-ttp://www.k5dionne.com/randvr/ro.exe
h-ttp://www.k5dionne.com/sanbbs/ro.exe
h-ttp://www.kaukoo.com/dvd/104.scr
h-ttp://www.kingbaba.cc/ma/up.exe
h-ttp://www.korunowish.com/livedoor/svch.exe
h-ttp://www.kuronowish.net/links/server.exe
h-ttp://www.lineagecojp.com/ro/ro.exe
h-ttp://www.lineagecojp.com/t1/t1.exe
h-ttp://www.lineagecojp.com/tt2/tt2.exe
h-ttp://www.lineinfo-jp.com/imgz/bing.exe
h-ttp://www.lingage.com/asp100.exe
h-ttp://www.livedoor1.com/blogk2/naizi.exe
h-ttp://www.livedoor1.com/blogk2/t2.exe
h-ttp://www.livedoor1.com/Grav/ro.exe
h-ttp://www.macauca.org.mo/images/msn.exe
h-ttp://www.maplestorfy.com/guselok/a21.exe
h-ttp://www.mbspro6uic.com/hutoubbs/msn.exe
h-ttp://www.mbspro6uic.com/hutoubbs/ro.exe
h-ttp://www.mbspro6uic.com/shuibbs/msn.exe
h-ttp://www.mbspro6uic.com/shuibbs/ro.exe
h-ttp://www.playsese.com/bbs/ro.exe
h-ttp://www.playsese.com/fang/riben.exe
h-ttp://www.potohihi.com/lina/jp.ex
h-ttp://www.ptxk.com/goldpig/jp/baby.exe
h-ttp://www.ragnarok-bbs.com/links/server.exe
h-ttp://www.ragnarok-sara.com/bbs/dsgdfhr.exe
h-ttp://www.ragnaroklink.com/game/server.exe
h-ttp://www.ragnarokonline1.com/rb.exe
h-ttp://www.ragnarox.mobi/bbs/svch.exe
h-ttp://www.ro-bot.net/10657/yan.exe
h-ttp://www.ro-bot.net/ro-navi/yan.exe
h-ttp://www.rogamesline.com/lineage/lin.exe
h-ttp://www.rokonline-jp.com/blog/svch.exe
h-ttp://www.shoopivdoor.com/fczdun/ro.exe
h-ttp://www.toyshop.com.tw/images/t1.exe
h-ttp://www.watcheimpress.com/links/server.exe
h-ttp://www.lovetw.webnow.biz/can/ro.exe
h-ttp://www.lovetw.webnow.biz/Grav/t1.exe
h-ttp://www.lovetw.webnow.biz/heirun/ro.exe
h-ttp://www.lovetw.webnow.biz/jpcetou/ro.exe
h-ttp://www.lovetw.webnow.biz/jpcetou/t1.exe
h-ttp://www.lovetw.webnow.biz/jpcetou/t2.exe
h-ttp://www.lovetw.webnow.biz/liang/ro.exe
h-ttp://www.lovetw.webnow.biz/liang/xia.exe
h-ttp://www.lovetw.webnow.biz/liyou/ro.exe
h-ttp://www.lovetw.webnow.biz/lizhi/jpt1.exe
h-ttp://www.lovetw.webnow.biz/lizhi/jpt2.exe
h-ttp://www.lovetw.webnow.biz/lizhi/ro.exe
h-ttp://www.lovetw.webnow.biz/lizhi/msn.exe
h-ttp://www.lovetw.webnow.biz/psm-h00x/jpt1.exe
h-ttp://www.lovetw.webnow.biz/psm-h00x/xia.exe
h-ttp://www.lovetw.webnow.biz/rmt/t1.exe
h-ttp://www.lovetw.webnow.biz/ro/ro.exe
h-ttp://www.lovetw.webnow.biz/sigui/t2.exe
h-ttp://www.yahoo-gamebbs.com/8784541/link.exe
h-ttp://www.yahoo-gamebbs.com/livedoor/svch.exe
h-ttp://www.youshini.com/jp/photo1.exe
h-ttp://www.zhangweijp.com/tmsn/tmsn.exe
h-ttp://www.zhangweijp.com/tro/tro.exe
h-ttp://www.zhangweijp.com/t1/t1.exe
h-ttp://www.zhangweijp.com/tt2/tt2.exe |
|
|
| Back to top |
|
 |
SpannerITWks
Sergeant
Joined: Dec 15, 2006
Posts: 91
Location: Uk
|
| Posted: Sat Mar 31, 2007 10:11 pm Post subject: |
|
|
Hi, appreciate the links, you are busy lol. There are a lot of repeat files included though ! Any chance you could narrow it down in future ?
Thanx,
Spanner
_________________
Stay Safe - BOClean AntiMalware -
|
|
| Back to top |
|
|
loritz
Cadet
Joined: Apr 05, 2007
Posts: 2
Location: USA
|
| Posted: Thu Apr 05, 2007 4:41 am Post subject: |
|
|
Can anyone tell me what "h-ttp://www.ffxiforums.net/1.exe" does?
I accidentally clicked this link from another forum and it redirected me to a YTDM site. I do not believe I downloaded anything and my McAfee virus scanner does not pick up anything. However, I am feeling rather paranoid.
Any responses would be greatly appreciated! Thanks.
|
|
| Back to top |
|
|
dah145
MIRT Hunter
Premium Member
Joined: Feb 22, 2007
Posts: 24
Location: Costarica
|
| Posted: Thu Apr 05, 2007 5:18 am Post subject: |
|
|
| loritz wrote: | Can anyone tell me what "h-ttp://www.ffxiforums.net/1.exe" does?
I accidentally clicked this link from another forum and it redirected me to a YTDM site. I do not believe I downloaded anything and my McAfee virus scanner does not pick up anything. However, I am feeling rather paranoid.
Any responses would be greatly appreciated! Thanks. |
Kaspersky detected: Trojan-PSW.Win32.WOW.qk as you can see it is trojan, don't execute it!
|
|
| Back to top |
|
|
loritz
Cadet
Joined: Apr 05, 2007
Posts: 2
Location: USA
|
| Posted: Thu Apr 05, 2007 5:43 am Post subject: |
|
|
| dah145 wrote: | | loritz wrote: | Can anyone tell me what "h-ttp://www.ffxiforums.net/1.exe" does?
I accidentally clicked this link from another forum and it redirected me to a YTDM site. I do not believe I downloaded anything and my McAfee virus scanner does not pick up anything. However, I am feeling rather paranoid.
Any responses would be greatly appreciated! Thanks. |
Kaspersky detected: Trojan-PSW.Win32.WOW.qk as you can see it is trojan, don't execute it! |
Thank you for your quick response.
I have not executed anything. I visited the link and I was redirected to another site. I closed the window immediately after that. I use firefox and I believe my pop up blocker blocked something. I do not believe I downloaded any executable file.
I've ran McAfee twice now and it has not picked up any threats. Could it be possible that I wasn't infected? Or is it possible that McAfee cannot detect it?
|
|
| Back to top |
|
|
nosirrah
Security Expert
Special Response Team
Joined: Apr 19, 2006
Posts: 6301
Location: USA
|
| Posted: Thu Apr 05, 2007 1:24 pm Post subject: |
|
|
Let me test this thing and both get a list of files to look for and check to see how bad the infection is .
|
|
| Back to top |
|
|
nosirrah
Security Expert
Special Response Team
Joined: Apr 19, 2006
Posts: 6301
Location: USA
|
| Posted: Thu Apr 05, 2007 2:59 pm Post subject: |
|
|
That link is down now but the site did try to infect my test box with some kind of .pif file .
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
