Search Results

Search found 827 results on 34 pages for 'norton antivirus'.

Page 10/34 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • md5sum or sha1sum of legitmate microsoft system files

    - by martyvis
    Is there a database or repository of the legitimate checksums for Microsoft system files? We think we have a 0day on DNS for Windows 2003 SP2 using IRC for command and control. (Latest McAfee does not see an issue). I want to compare our customer's dns.exe and associated DLLs with the real ones. (I will grab a fresh SP2 and hotfixed system to do this, but wonder how to do this in future without needed to do this.)

    Read the article

  • What are the impacts of running VirusScan on a Linux server?

    - by alci
    I am asked in a bid for tender to assert that my software will cohabit without a problem with VirusScan (v6.0.3) under Linux. My software is a web application, running under tomcat. It can create additional JVMs (to run ETL jobs) and writes reporting files (mostly PDF and HTML) in an application directory. Are there any specific problem I should be aware of regarding VirusScan running on the server my app will run on ?

    Read the article

  • Strange ports on default install of W7

    - by Sabre
    I have a base new install of windows 7, and when I went to look for something else I saw the attached netstat output. What concerns me is that this is Windows + Truecrypt + drivers, nothing else installed. The sequential high ranged ports belonging to several different seemingly not out of place services seemed odd. So I torched the install, used Active@ to scrub the disk, re-downloaded the ISO from MSDN, and did a fresh reinstall, viola, they are there again. It just seems out of place, I have seen a many netstats over the years, this one just strikes me as odd, so I started thinking rootkit? (JUst FYI, when I reloaded I named the machine "Error" so that is why the task manager reads the computer name as such.) So I would like to know if anyone else could explain it, and therefore is may be normal, or would they be worried as well, and should I start considering I have some very strange thing occuring on my network?

    Read the article

  • What is the risk of introducing non standard image machines to a corporate environment

    - by Troy Hunt
    I’m after some feedback from those in the managed desktop or network security space on the risks of introducing machines that are not built on a standard desktop image into a large corporate environment. This particular context relates to the standard corporate image (32 bit Win XP) in a large multi-national not being suitable for a particular segment of users. In short, I’m looking at what hurdles we might come across by proposing the introduction of machines which are built and maintained by a handful of software developers and not based on the corporate desktop image (proposing 64 bit Win 7). I suspect the barriers are primarily around virus definition updates, the rollout of service packs and patches and the compatibility of existing applications with the newer OS. In terms of viruses and software updates, if machines were using common virus protection software with automated updates and using Windows Update for service packs and patches, is there still a viable risk to the corporate environment? For that matter, are large corporate environments normally vulnerable to the introduction of a machine not based on a standard image? I’m trying to get my head around how real the risk of infection and other adverse events are from machines being plugged into the network. There are multiple scenarios outside of just the example above where this might happen (i.e. a vendor plugging in a machine for internet access during a presentation). Would a large corporate network normally be sufficiently hardened against such innocuous activity? I appreciate the theory as to why policies such as standard desktop images exist, I’m just interested in the actual, practical risk and how much a network should be protected by means other than what is managed on individual PCs.

    Read the article

  • Avast not taking any action when opening a virus.

    - by ULTRA_POROV
    I just did a test with the EICAR test virus. I downloaded the file eicar.com Avast was on. If i scan the file it finds it. However if i open it no action is taken. Just nothing. nothing happens i can open it as many times as i want. This is very worrying. The new avast is starting to be a pain. I miss the old one.

    Read the article

  • How do I know if I managed to completely remove an undetected trojan?

    - by ubuntuisbetter
    I catched a trojan that uses explorer.exe to reproduce itself in case of deletion of its autostart entry or main exe file in Programs/x. It had already tried to contact a suspicious server over explorer.exe, blocked that via my firewall. I: Removed the autostart entries from the registry Looked through my services if there was anything suspicious Deleted the trojan from Programs/ Went through System Volume Information to find a 2 month old explorer.exe and replaced the possibly infected one. There are no suspicious processes running now anymore (no duplicate explorer.exe) and nothing wants to connect this trojan owners sever either. I checked my system with several anti-malware programs too. What the trojan did: Started a second explorer.exe Always when I deleted the main trojan exe file it was reproduced (by the second explorer.exe) Always when I deleted the autostart entry it was reproduced by the explorer.exe too. When I terminated the suspicious explorer.exe, which used only half as much memory as the less suspicious one from Windows, a strange thing that I know from the computers in my Informatics class happened: A window popped up in the top left of my explorer-less desktop, titled "Personal settings for ... are ..." that obviously copied some files. Then both explorer.exes started again and the trojan was everywhere again. What did the trojan actually do to get explorer to rescue it? Is my PC clean of this newish trojan now? What are the other locations I should check for the trojan? The trjoan doesn't seem very high-level, could it have changed other system files or is the autostart entry vital for it? Thanks in advance, Your trojan paranoid friend (Getting linux in a week)

    Read the article

  • Is testing every Anti-Virus definition before deployment feasible?

    - by Sim
    With the recent problems that McAfee customers have had over the last week there has been lots of opinion that not only should the AV vendors have better testing but customers should test AV signatures before deploying. Is this feasible? If you are doing this already do you take other measures to minimise exposure to malware while you are testing?

    Read the article

  • Conficker keeps coming back

    - by PHLiGHT
    I hadn't run into anyone who actually got this virus until recently when dealing with a new client that didn't believe in patching their systems and consquently have been hit with this pest. I was under the impression that if you have KB958644 installed and ran the latest malicious software removal tool that conficker would be squashed. I have several systems that are fully patched, MSRT has removed the virus yet the bugger keeps coming back. This has even happened to a file server and a Domain Controller. What am I missing here? They are running AVG which I used to recommend but I have been doubting it's effectiveness over the past year or so.

    Read the article

  • Which anti virus software for SBS 2003

    - by user24331
    Looking for Anti virus for windows SBS 2003. Read in related threads that NOD34 is a good option generally. http://serverfault.com/questions/7/what-is-the-best-enterprise-virus-scanning-system What is the best option considering we are running SBS 2003? Also interested in decent free options which support SBS 2003.

    Read the article

  • Sending email with Windows 8 Mail (Modern UI) being blocked by AVG Firewall

    - by Riaan
    I've setup my Outlook.com email address in Windows 8 Mail (Modern UI) but is unable to send and receive emails when my AVG Internet Security 2012 Business Edition's Firewall is enable. When I disable the firewall, the emails are coming through and are being send. I know that I can most probably open the ports for IMAP on the firewall, but instead I would like to permit the application. Where/how do I find the application path for Windows 8 Mail (Modern UI) to allow all network traffic? (AVG did not show its normal Allow/Disallow notification for 1st time communications) Any advice would be appreciated.

    Read the article

  • Is it safe to disable clamd?

    - by mk1000
    Clamd is taking up about 5% of my memory (2GB) on my dedicated server and I'm wondering if I can disable it without any security risks. The server just hosts a few of my own websites. For the most part, email received and sent is done through gmail (which connects to my pop3 accounts). The only other email use case is where one of my websites parses all emails and grabs attached images and the subject line. Would there be any security / risks of virus infection if I disable clamd?

    Read the article

  • What is the Your Favorite Managed Anti-Virus for a Small Workgroup (under 25 Machines)? [closed]

    - by arrocharJames
    I am a solo IT employee for a small company that has a couple of servers and 10 workstations (Windows and Mac, Macs do not run AV software). I want to centrally manage Anti-Virus for all the computers with some sort of control panel. I have been using Symantec Corporate versions for years, but the latest version (Symantec Endpoint Protection 11.x) is totally over-complicated, and aimed at enterprises with 1000s of computers. Can anyone recommend something reliable, centrally managed, and simple?

    Read the article

  • USB-based AV application that restores compromised Windows files from CD/DVD?

    - by overtherainbow
    Hello I just tried a couple of rescue disks (AVG and Kaspersky), and I was wondering if someone knew of a solution that would work like this: The AV solution boots from a USB key, and works entirely from RAM (where the latest virus DB is downloaded) The user inserts his Windows CD/DVD in the drive If any Windows file is compromised, the AV application fetches a clean version from the CD/DVD and restores it on the hard drive optionally, any compromised drive/user-land application is quarantied, and it is up to the user to reinstall those after he successfully rebooted into a restored Windows setup Have you heard of a solution like this? It seems silly to reinstall a whole Windows computer just because one or a few system files were compromised. Thank you.

    Read the article

  • Export policy configuration from eTrust ITM 8.1

    - by grub
    Currently we are using the Enterprise AV Solution eTrust ITM 8.1. The licenses are running out in october and we are going to replace eTrust with another AV solution. The eTrust Server is running on Windows Server 2003 SP2 with an MS SQL 2000 Standard Edition. The problem is that we've got many different policy - sets which we have to redefine in the new AV solution. Is there any way with eTrust ITM 8.1 to export the different policies as csv, pdf ... whatever? I really dont want to do that manually (that would mean one print screen after the other ;-) ) Thank you very much. grub

    Read the article

  • Une mise à jour de l'antivirus McAffe crée un faux positif et cause le blocage de milliers de PC sou

    Une mise à jour de l'antivirus de McAffe provoque un faux positif, Et cause le blocage de milliers de PC sous Windows XP McAffe a annoncé que la mise à jour publiée hier pour la solution VirusScan Enterprise 8.7i SP3 contenait une erreur, et recommande à ces clients de ne pas l'installer. [IMG]http://djug.developpez.com/rsc/McAfeeVirusScanEnterprise.jpg[/IMG] La mise à jour en question a provoqué un faux positif qui a causé des graves problèmes sur des milliers de machines qui tournent sous Windows XP SP3 dans les entreprises. L'un des fichiers .DAT de cette mise à jour a identifié le fichier svchost.exe comme un virus (w32/wecorl.a) et l'a mis en quarantaine. Résultat : une sér...

    Read the article

  • Malware - Technical anlaysis

    - by nullptr
    Note: Please do not mod down or close. Im not a stupid PC user asking to fix my pc problem. I am intrigued and am having a deep technical look at whats going on. I have come across a Windows XP machine that is sending unwanted p2p traffic. I have done a 'netstat -b' command and explorer.exe is sending out the traffic. When I kill this process the traffic stops and obviously Windows Explorer dies. Here is the header of the stream from the Wireshark dump (x.x.x.x) is the machines IP. GNUTELLA CONNECT/0.6 Listen-IP: x.x.x.x:8059 Remote-IP: 76.164.224.103 User-Agent: LimeWire/5.3.6 X-Requeries: false X-Ultrapeer: True X-Degree: 32 X-Query-Routing: 0.1 X-Ultrapeer-Query-Routing: 0.1 X-Max-TTL: 3 X-Dynamic-Querying: 0.1 X-Locale-Pref: en GGEP: 0.5 Bye-Packet: 0.1 GNUTELLA/0.6 200 OK Pong-Caching: 0.1 X-Ultrapeer-Needed: false Accept-Encoding: deflate X-Requeries: false X-Locale-Pref: en X-Guess: 0.1 X-Max-TTL: 3 Vendor-Message: 0.2 X-Ultrapeer-Query-Routing: 0.1 X-Query-Routing: 0.1 Listen-IP: 76.164.224.103:15649 X-Ext-Probes: 0.1 Remote-IP: x.x.x.x GGEP: 0.5 X-Dynamic-Querying: 0.1 X-Degree: 32 User-Agent: LimeWire/4.18.7 X-Ultrapeer: True X-Try-Ultrapeers: 121.54.32.36:3279,173.19.233.80:3714,65.182.97.15:5807,115.147.231.81:9751,72.134.30.181:15810,71.59.97.180:24295,74.76.84.250:25497,96.234.62.221:32344,69.44.246.38:42254,98.199.75.23:51230 GNUTELLA/0.6 200 OK So it seems that the malware has hooked into explorer.exe and hidden its self quite well as a Norton Scan doesn't pick anything up. I have looked in Windows firewall and it shouldn't be letting this traffic through. I have had a look into the messages explorer.exe is sending in Spy++ and the only related ones I can see are socket connections etc... My question is what can I do to look into this deeper? What does malware achieve by sending p2p traffic? I know to fix the problem the easiest way is to reinstall Windows but I want to get to the bottom of it first, just out of interest.

    Read the article

  • Doing a virus check on a file from a build script

    - by the_mandrill
    I would like to be be able to invoke a virus check as the final stage of the build process (please don't question why a dev machine would get a virus, it's just a belt-and-braces approach to avoid the risk of getting sued by customers...). Also I'd like the option of having AV on a machine but switching the auto file system protection off (at least for the build directories). What I would like is a generic way of scanning a file using whatever AV system is in place. I'm assuming that there's an Windows API to do this, given that Windows detects the presence of an AV system, and browsers such as Firefox invoke a virus scan whenever a file is downloaded. So what's the API that they're using? There's the Microsoft AntiVirus API but that seems to be specific to Office documents. Does the approach involve using WMI? (and if you can detect the AV provider from there, how do you then invoke it to scan a file?) I know that I could write the script to manually call the AV scanner that I know to be installed, but as an intellectual exercise I'm more interested to know how apps like Firefox are doing this.

    Read the article

  • C Language - \n - creating virus

    - by sagar
    #include<stdio.h> #include<conio.h> union abc { int a; int x; float g; }; struct pqr { int a; int x; float g; } ; void main() { union abc b; struct pqr c; clrscr(); b.a=10; textbackground(2); textcolor(6); cprintf(" A = %d",b.a); printf("\nUnion = %d",sizeof(b)); printf("\nStructure = %d",sizeof(c)); getch(); } Now, Save this program as virus.cpp ( or any name that you like ) I am using Turbo C comiler to complie this program & run from trubo c. ( Ctrl + F9 ) I don't know weather to ask this question at stack over flow or at super user. I am using Windows 7 & I have installed Avira AntiVir virus system. I am not here for any kind of advertisement of microsoft or antivirus system. I am just here for solution of my query. When I tried to run above program - It creates a worm (DOS/Candy). I believe there is nothing wrong in program. Oke.. Now here is something special. Execute the same program with following difference. Here the only difference is space between \n #include<stdio.h> #include<conio.h> union abc { int a; int x; float g; }; struct pqr { int a; int x; float g; } ; void main() { union abc b; struct pqr c; clrscr(); b.a=10; textbackground(2); textcolor(6); cprintf(" A = %d",b.a); printf("\n Union = %d",sizeof(b)); printf("\n Structure = %d",sizeof(c)); getch(); } The difference is only \n and space. Question is "Why my simple program is detected as virus?? " Thanks in advance for sharing your knowledge. Sagar.

    Read the article

  • Beginner Geek: Scan Files for Viruses Before Using Them

    - by Mysticgeek
    To help avoid getting your computer infected by malicious software, it’s a good idea to scan files before executing them. Today we take a look at a couple of options that will let you scan files easily from your desktop. Scan File with Your Antivirus Software Most Antivirus software will put an option in the context menu so you can scan individual files. After downloading a file or email attachment, simply right-click the file and select the option to scan with your Antivirus software. If you want to scan more than one at a time, hold down the Ctrl key while you clicking each file you want to scan. Then right-click and select to scan with your Antivirus software. Here is our favorite Antivirus app, Microsoft Security Essentials scanning a couple of files. If a virus is found, your Antivirus app will delete it or put it in Quarantine so it cannot infect your system. Using VirusTotal Uploader To be very thorough and want a second opinion (actually 41), then you might want to check out the VirusTotal Uploader. This handy app will scan your files with 41 different Antivirus apps online. After installing VirusTotal Uploader, right-click the file, go to Send To, then VirusTotal. Alternately you can launch VirusTotal Uploader and Get and upload the file. It will send the file to VirusTotal.com and scan it with 41 different Antivirus apps and show you the results.   If you don’t want to install the Uploader, you can go to the VirusTotal site and upload a file from there to scan. We’ve noticed that occasionally there will be a false positive detected on files we know are clean. Sometimes the definition database of an Anti-malware app isn’t current, or an obscure Antivirus App will find something questionable. If that is the case, use your best judgment when viewing the results. Conclusion Most Antivirus apps today have real-time scanning and should be able to detect possible infections before you’re able to execute them. However, if they don’t or when in doubt, following these tips can save you a lot of headaches in the long run. If you use a lot of different flash drives throughout the day, check out our article on how to scan a thumb drive for viruses from the AutoPlay Dialog. Download Microsoft Security Essentials Download VirusTotal Uploader VirusTotal Website Similar Articles Productive Geek Tips Scan Files for Viruses Before You Download With Dr.WebMake Microsoft Security Essentials Scan Faster by Excluding Certain File TypesBeginner Geek: Delete User Accounts in Windows 7Scan Your Thumb Drive for Viruses from the AutoPlay DialogSecure Computing: Free Anti-Virus Protection With AVG Free Edition TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Xobni Plus for Outlook All My Movies 5.9 CloudBerry Online Backup 1.5 for Windows Home Server Snagit 10 Video preview of new Windows Live Essentials 21 Cursor Packs for XP, Vista & 7 Map the Stars with Stellarium Use ILovePDF To Split and Merge PDF Files TimeToMeet is a Simple Online Meeting Planning Tool Easily Create More Bookmark Toolbars in Firefox

    Read the article

  • Ask the Readers: Share Your Tips for Defeating Viruses and Malware

    - by Mysticgeek
    We’ve shared some of our best tips for dealing with malware over the years, and now it’s your turn! Share your favorite tips for protecting against, or getting rid of viruses and other types of malicious software. Unfortunately, if you’re a PC user it’s a given that you have to play defense against various forms of Malware. We’ve written several articles showing how to get rid of viruses and other forms of malware over the years using various strategies. We have some excellent articles explaining how to get rid of Advanced Virus Remover, Antivirus Live, Internet Security 2010, and Security Tool – all of which disguise themselves as legit antivirus apps. Now we turn it over to you to share your favorite tips and tricks for defending against malicious infections. If your computer has been infected, what steps did you take to get rid of it and clean up your machine? Leave a comment below and join in the discussion! Similar Articles Productive Geek Tips How To Remove Security Tool and other Rogue/Fake Antivirus MalwareNorton Antivirus 2010 [Review]How To Remove Internet Security 2010 and other Rogue/Fake Antivirus MalwareHow To Remove Antivirus Live and Other Rogue/Fake Antivirus MalwareHow-To Geek Comment Policy TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Make your Joomla & Drupal Sites Mobile with OSMOBI Integrate Twitter and Delicious and Make Life Easier Design Your Web Pages Using the Golden Ratio Worldwide Growth of the Internet How to Find Your Mac Address Use My TextTools to Edit and Organize Text

    Read the article

  • Long held AJAX connections being blocked by Anti-Virus

    - by jeffreyveon
    Ok, this is downright bizarre. I am building a web application that relies on long held HTTP connection using COMET, and using this to stream data from the server to the application. Now, the problem is that this does not seem to go well with some anti-virus programs. We are now on beta, and some users are facing problems with the application when the anti-virus is enabled. It's not just one specific anti-virus either.. I found this work around for Avast when I looked online: http://avricot.com/blog/index.php?post/2009/05/20/Comet-and-ajax-with-Avast-s-shield-web-:-The-salvation-or-not However, anyone here has any suggestions on how to handled this? Should I send any specific header to please these security programs?

    Read the article

  • Verifying regular expression for malware removal

    - by Legend
    Unfortunately, one of my web servers was compromised recently. I have two questions. Is there a way I can scan the downloaded directory for backdoors? Is there anything I can do to ensure that at least known vulnerabilities do not exist anymore? Secondly, the malware put up the following in all index.* files on my webserver: <script>/*GNU GPL*/ try{window.onload = function(){var Hva23p3hnyirlpv7 = document.createElement('script');Hva23p3hnyirlpv7.setAttribute('type', 'text/javascript');Hva23p3hnyirlpv7.setAttribute('id', 'myscript1');Hva23p3hnyirlpv7.setAttribute('src',.... CODE DELETED FOR SAFETY.... );}} catch(e) {}</script> Obviously, this snippet seems to download some rogue file onto the user's machine. I downloaded an entire backup of the web server and am currently trying to remove this snippet from all file. For this I am doing: find ./ -name "index.*" -exec sed -i 's/<script>\/\*GNU GPL\*.*Hva23p3hnyirlpv7.*<\/script>//g' {} \; Just wanted to verify if this does the trick. I verified it with a few files but I want to be sure that this doesn't delete some valid code. Anyone suggests any other modifications?

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >