Search Results

Search found 1725 results on 69 pages for 'virus removal'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 8/69 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Should EICAR be updated to test the revision of Antivirus system?

    - by makerofthings7
    I'm posting this here since programmers write viruses, and AV software. They also have the best knowledge of heuristics and how AV systems work (cloaking etc). The EICAR test file was used to functionally test an antivirus system. As it stands today almost every AV system will flag EICAR as being a "test" virus. For more information on this historic test virus please click here. Currently the EICAR test file is only good for testing the presence of an AV solution, but it doesn't check for engine file or DAT file up-to-dateness. In other words, why do a functional test of a system that could have definition files that are more than 10 years old. With the increase of zero day threats it doesn't make much sense to functionally test your system using EICAR. That being said, I think EICAR needs to be updated/modified to be effective test that works in conjunction with an AV management solution. This question is about real world testing, without using live viruses... which is the intent of the original EICAR. That being said I'm proposing a new EICAR file format with the appendage of an XML blob that will conditionally cause the Antivirus engine to respond. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-EXTENDED-ANTIVIRUS-TEST-FILE!$H+H* <?xml version="1.0"?> <engine-valid-from>2010-1-1Z</engine-valid-from> <signature-valid-from>2010-1-1Z</signature-valid-from> <authkey>MyTestKeyHere</authkey> In this sample, the antivirus engine would only alert on the EICAR file if both the signature or engine file is equal to or newer than the valid-from date. Also there is a passcode that will protect the usage of EICAR to the system administrator. If you have a backgound in "Test Driven Design" TDD for software you may get that all I'm doing is applying the principals of TDD to my infrastructure. Based on your experience and contacts how can I make this idea happen?

    Read the article

  • Audit file removal (auditctl)

    - by user1513039
    For some reason, some script or program is removing a pid file for the service on the linux server (centos5.4 / 2.6.18-308.4.1.el5xen). I suspect a faulty cron script, but manual investigation did not lead me to it. And i still want to track it down. Have been using auditctl rule: auditctl -w /var/run/some_service.pid -p w Which helped me to see something, but not quite exactly what i wanted: type=PATH msg=audit(11/12/2013 09:07:43.199:432577) : item=1 name=/var/run/some_service.pid inode=12419227 dev=fd:00 mode=file,644 ouid=root ogid=root rdev=00:00 type=SYSCALL msg=audit(11/12/2013 09:07:43.199:432577) : arch=x86_64 syscall=unlink success=yes exit=0 a0=7fff7dd46dd0 a1=1 a2=2 a3=127feb90 items=2 ppid=3454 pid=6227 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts0 ses=38138 comm=rm exe=/bin/rm key=(null) Problem here is that i see ppid of the script that removed the file, but at the analysis time the (p)pids are already invalid as probably scripts/programs have been shutdown. Imagine a cron script deleting the file. So i need some way to expand/add audit rule(s) to be able to trace the parents of the /bin/rm at the time of removal. I have been thinking to add some rule to monitor all process creation, something like: auditctl -a task,always But this happen to be very resource intensive. So i need help or advice how to combine these rules, or how to expand any of the rules to help track the script/program. Thanks.

    Read the article

  • How to fix Windows 7 device removal notification loop

    - by Barry Kelly
    Bit of an odd one this. One of our PCs is getting caught in a loop some time after being turned on, usually after a USB storage device has been attached - sometimes an iPod, sometimes a GPS. Specifically, Windows Explorer starts showing a drive icon and letter (E:, as of right now) for the System partition (the small hidden one at the start of the boot drive). Then, the icon disappears. Then it reappears again. And disappears. It does this very quickly, at what looks like maybe 50 times a second. CPU usage in this loop is also very high; averages about 66%. This machine has an i7 920 CPU, which is quad core with hyperthreading; so this usage rate works out to about 5 100% busy threads, along with whatever normal idle load is (particularly Task Manager itself). Inspecting with Process Explorer shows that the device removal notification infrastructure has gone berserk. The threads in system service processes (i.e. apart from Windows Explorer) which are using all the CPU power relate to device notification. The Disk Management MMC snap-in also fails to run when the loop starts. The only way to break the loop, it seems, is to reboot the machine. Anyone seen anything similar to this, and know of a way to fix it? Machine details: Windows 7 x64, fully patched i7 920, 12GB RAM Intel SSD 80GB (X25-M, I believe; not G2) 2TB 5.2K disk for bulk storage AMD HD 5870 Further hardware details await. I'm going to go through and update all drivers I can find.

    Read the article

  • Some process does ICMP port scan on my OSX box and I am afraid my Mac got a virus

    - by Jamgold
    I noticed that my 10.6.6 box has some process send out ICMP messages to "random" hosts, which concerns me a lot. when doing a tcpdump icmp I see a lot of the following 15:41:14.738328 IP macpro bzq-109-66-184-49.red.bezeqint.net: ICMP macpro udp port websm unreachable, length 36 15:41:15.110381 IP macpro 99-110-211-191.lightspeed.sntcca.sbcglobal.net: ICMP macpro udp port 54045 unreachable, length 36 15:41:23.458831 IP macpro 188.122.242.115: ICMP macpro udp port websm unreachable, length 36 15:41:23.638731 IP macpro 61.85-200-21.bkkb.no: ICMP macpro udp port websm unreachable, length 36 15:41:27.329981 IP macpro c-98-234-88-192.hsd1.ca.comcast.net: ICMP macpro udp port 54045 unreachable, length 36 15:41:29.349586 IP macpro c-98-234-88-192.hsd1.ca.comcast.net: ICMP macpro udp port 54045 unreachable, length 36 I got suspicious when my router notified me about a lot of ICMP messages that don't get a response Does anyone know how to trace which process (or worse kernel module) might be responsible for this? I rebooted and logged in with a virgin user account and tcpdump showed the same results. Any dtrace magic welcome. Thanks in advance

    Read the article

  • AVTest.org Results for March – April 2014 now Available

    - by Akemi Iwaya
    Do you like to keep up with how well the various anti-virus programs are doing, or just want to see how well your favorite one did? Then you will definitely want to have a look at the latest batch of test results from AVTest.org. The results for testing during March and April are now available for viewing at your leisure. One thing to keep in mind when viewing the latest set of results: the testing was performed on Windows 8.1 during this round. Current security products for Windows 8.1 put to the test [AVTest.org] Note: When you visit the page, you may need to scroll down just a tiny bit in order to see the results listing. [via ZDNet News]

    Read the article

  • Mail server not sending or receiving after removal from barracuda blacklist to white list

    - by user137765
    Mail server not sending or receiving after removal from barracuda blacklist to white list. I've checked against black lists and the ip and domain are clean. 1and1 are saying its Barracuda black list and barracuda are saying its not blacklisted and that its somethign with 1and1 server. section from log file... Sep 20 04:29:25 vegaserve postfix/smtpd[16906]: connect from mta860.chtah.net[63.236.31.146] Sep 20 04:29:25 vegaserve postfix/smtpd[16070]: connect from host81-136-144-117.in-addr.btopenworld.com[81.136.144.117] Sep 20 04:29:27 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: raidon - short names not allowed from @ [201.80.253.153]ERR: 1348111767.185119 LOGOUT, [email protected], ip=[86.143.136.249], top=0, retr=0, time=151, rcvd=18, sent=283, maildir=/var/qmail/mailnames/mbelectrics.net/mb/Maildir Sep 20 04:29:28 vegaserve pop3d: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:29:28 vegaserve postfix/smtpd[15388]: connect from mta965.emails.itv.com[8.30.201.55] Sep 20 04:29:29 vegaserve postfix/smtpd[18194]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:29 vegaserve postfix/cleanup[24879]: 95CB31E87556C: message-id=<[email protected] Sep 20 04:29:29 vegaserve postfix/qmgr[14378]: 95CB31E87556C: from=, size=975, nrcpt=1 (queue active) Sep 20 04:29:29 vegaserve postfix/smtpd[18194]: disconnect from uspmta172097.emarsys.net[195.54.172.97] Sep 20 04:29:29 vegaserve postfix/smtp[25748]: 95CB31E87556C: to=, orig_to=, relay=none, delay=0.05, delays=0.05/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:29 vegaserve postfix/bounce[25897]: warning: 95CB31E87556C: undeliverable postmaster notification discarded Sep 20 04:29:29 vegaserve postfix/qmgr[14378]: 95CB31E87556C: removed Sep 20 04:29:32 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:29:37 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: rei - short names not allowed from @ [201.80.253.153]ERR: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:29:38 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:29:38 vegaserve postfix/smtpd[19328]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:40 vegaserve postfix/smtpd[18331]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:40 vegaserve postfix/smtpd[24464]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:40 vegaserve postfix/cleanup[24825]: BD1A71E87556C: message-id=<[email protected] Sep 20 04:29:40 vegaserve postfix/qmgr[14378]: BD1A71E87556C: from=, size=673, nrcpt=1 (queue active) Sep 20 04:29:40 vegaserve postfix/smtpd[24464]: disconnect from unknown[118.97.212.190] Sep 20 04:29:40 vegaserve postfix/smtp[25748]: BD1A71E87556C: to=, orig_to=, relay=none, delay=0.04, delays=0.04/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:40 vegaserve postfix/bounce[25995]: warning: BD1A71E87556C: undeliverable postmaster notification discarded Sep 20 04:29:40 vegaserve postfix/qmgr[14378]: BD1A71E87556C: removed Sep 20 04:29:41 vegaserve postfix/cleanup[24879]: 0A42B1E87556C: message-id=<[email protected] Sep 20 04:29:41 vegaserve postfix/qmgr[14378]: 0A42B1E87556C: from=, size=961, nrcpt=1 (queue active) Sep 20 04:29:41 vegaserve postfix/smtpd[18331]: disconnect from bay0-omc4-s10.bay0.hotmail.com[65.54.190.212] Sep 20 04:29:41 vegaserve postfix/smtp[25748]: 0A42B1E87556C: to=, orig_to=, relay=none, delay=0.03, delays=0.03/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:41 vegaserve postfix/bounce[25897]: warning: 0A42B1E87556C: undeliverable postmaster notification discarded Sep 20 04:29:41 vegaserve postfix/qmgr[14378]: 0A42B1E87556C: removed Sep 20 04:29:43 vegaserve postfix/smtpd[17511]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:43 vegaserve postfix/cleanup[24825]: 8F8991E87556C: message-id=<[email protected] Sep 20 04:29:43 vegaserve postfix/qmgr[14378]: 8F8991E87556C: from=, size=946, nrcpt=1 (queue active) Sep 20 04:29:43 vegaserve postfix/smtpd[17511]: disconnect from blu0-omc4-s22.blu0.hotmail.com[65.55.111.161] Sep 20 04:29:43 vegaserve postfix/smtp[25748]: 8F8991E87556C: to=, orig_to=, relay=none, delay=0.05, delays=0.02/0/0.02/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:43 vegaserve postfix/bounce[25995]: warning: 8F8991E87556C: undeliverable postmaster notification discarded Sep 20 04:29:43 vegaserve postfix/qmgr[14378]: 8F8991E87556C: removed Sep 20 04:29:44 vegaserve postfix/cleanup[24879]: 088641E87556C: message-id=<[email protected] Sep 20 04:29:44 vegaserve postfix/qmgr[14378]: 088641E87556C: from=, size=1078, nrcpt=1 (queue active) Sep 20 04:29:44 vegaserve postfix/smtpd[19328]: disconnect from smtp10.bis7.eu.blackberry.com[178.239.85.15] Sep 20 04:29:44 vegaserve postfix/smtp[25748]: 088641E87556C: to=, orig_to=, relay=none, delay=0.05, delays=0.03/0/0.01/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:44 vegaserve postfix/bounce[25995]: warning: 088641E87556C: undeliverable postmaster notification discarded Sep 20 04:29:44 vegaserve postfix/qmgr[14378]: 088641E87556C: removed Sep 20 04:29:44 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: rin - short names not allowed from @ [201.80.253.153]ERR: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:29:44 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:29:44 vegaserve postfix/smtpd[18965]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:44 vegaserve postfix/cleanup[24825]: 946F51E87556C: message-id=<[email protected] Sep 20 04:29:44 vegaserve postfix/qmgr[14378]: 946F51E87556C: from=, size=1173, nrcpt=1 (queue active) Sep 20 04:29:44 vegaserve postfix/smtpd[18965]: disconnect from hubrelay-rd.bt.com[62.239.224.99] Sep 20 04:29:44 vegaserve postfix/smtp[25748]: 946F51E87556C: to=, orig_to=, relay=none, delay=0.04, delays=0.04/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:44 vegaserve postfix/bounce[25897]: warning: 946F51E87556C: undeliverable postmaster notification discarded Sep 20 04:29:44 vegaserve postfix/qmgr[14378]: 946F51E87556C: removed Sep 20 04:29:45 vegaserve postfix/smtpd[14816]: connect from col0-omc2-s12.col0.hotmail.com[65.55.34.86] Sep 20 04:29:47 vegaserve postfix/smtpd[16900]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:29:47 vegaserve postfix/cleanup[24879]: 961721E87556C: message-id=<[email protected] Sep 20 04:29:47 vegaserve postfix/qmgr[14378]: 961721E87556C: from=, size=1082, nrcpt=1 (queue active) Sep 20 04:29:47 vegaserve postfix/smtpd[16900]: disconnect from mta-35d2.livingsocial.com[199.91.53.210] Sep 20 04:29:47 vegaserve postfix/smtp[25748]: 961721E87556C: to=, orig_to=, relay=none, delay=0.04, delays=0.04/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:29:47 vegaserve postfix/bounce[25995]: warning: 961721E87556C: undeliverable postmaster notification discarded Sep 20 04:29:47 vegaserve postfix/qmgr[14378]: 961721E87556C: removed Sep 20 04:29:50 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: rini - short names not allowed from @ [201.80.253.153]ERR: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:29:50 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:29:52 vegaserve postfix/smtpd[24478]: connect from col0-omc2-s13.col0.hotmail.com[65.55.34.87] Sep 20 04:29:52 vegaserve postfix/smtpd[18923]: connect from www.idbwplan.com[193.181.254.21] Sep 20 04:29:55 vegaserve postfix/smtpd[15968]: connect from 105-48.mta.dotmailer.com[94.143.105.48] Sep 20 04:29:56 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: ringo - short names not allowed from @ [201.80.253.153]ERR: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:29:56 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:30:00 vegaserve postfix/smtpd[18772]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:30:01 vegaserve postfix/cleanup[24825]: 1DAD71E87556C: message-id=<[email protected] Sep 20 04:30:01 vegaserve postfix/qmgr[14378]: 1DAD71E87556C: from=, size=1022, nrcpt=1 (queue active) Sep 20 04:30:01 vegaserve postfix/smtpd[18772]: disconnect from mail95.us2.mcsv.net[173.231.139.95] Sep 20 04:30:01 vegaserve postfix/smtp[25748]: 1DAD71E87556C: to=, orig_to=, relay=none, delay=0.06, delays=0.05/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself) Sep 20 04:30:01 vegaserve postfix/bounce[25897]: warning: 1DAD71E87556C: undeliverable postmaster notification discarded Sep 20 04:30:01 vegaserve postfix/qmgr[14378]: 1DAD71E87556C: removed Sep 20 04:30:02 vegaserve pop3d: IMAP connect from @ [201.80.253.153]checkmailpasswd: FAILED: ritsuko - short names not allowed from @ [201.80.253.153]ERR: LOGIN FAILED, ip=[201.80.253.153] Sep 20 04:30:02 vegaserve postfix/smtpd[16911]: warning: connect to proxy service 127.0.0.1:10025: Connection timed out Sep 20 04:30:02 vegaserve pop3d: Connection, ip=[201.80.253.153] Sep 20 04:30:02 vegaserve postfix/cleanup[24879]: 8AADD1E87556C: message-id=<[email protected] Sep 20 04:30:02 vegaserve postfix/qmgr[14378]: 8AADD1E87556C: from=, size=1003, nrcpt=1 (queue active) Sep 20 04:30:02 vegaserve postfix/smtpd[16911]: disconnect from mr133.createsend.com[184.106.86.133] Sep 20 04:30:02 vegaserve postfix/smtp[25748]: 8AADD1E87556C: to=, orig_to=, relay=none, delay=0.02, delays=0.02/0/0/0, dsn=5.4.6, status=bounced (mail for vegaserve.com loops back to myself)

    Read the article

  • Anti-virus for Ubuntu Hardy 8.04

    - by April
    I am using Ubuntu hardy with Scalr and AWS, the Ubuntu instance does not come with any antivirus software. Can anyone recommend a good ant-virus software for Ubuntu? I would also need installation and config steps. Thanks.

    Read the article

  • Anti-virus for Ubuntu Hardy 8.04

    - by April
    I am using Ubuntu hardy with Scalr and AWS, the Ubuntu instance does not come with any antivirus software. Can anyone recommend a good ant-virus software for Ubuntu? I would also need installation and config steps. Thanks.

    Read the article

  • Linux based Anti-virus for windows

    - by Manish Mathai
    Hi. I am currently running Windows XP along with Ubuntu 9.10. Is there any anti-virus which can scan for windows viruses , from ubuntu ? I had tried ClamAV sometime back. It didn't work very well. Is there any other alternative ? Preferably a free one :)

    Read the article

  • Long held AJAX connections being blocked by Anti-Virus

    - by jeffreyveon
    Ok, this is downright bizarre. I am building a web application that relies on long held HTTP connection using COMET, and using this to stream data from the server to the application. Now, the problem is that this does not seem to go well with some anti-virus programs. We are now on beta, and some users are facing problems with the application when the anti-virus is enabled. It's not just one specific anti-virus either.. I found this work around for Avast when I looked online: http://avricot.com/blog/index.php?post/2009/05/20/Comet-and-ajax-with-Avast-s-shield-web-:-The-salvation-or-not However, anyone here has any suggestions on how to handled this? Should I send any specific header to please these security programs?

    Read the article

  • Why won't Windows Installer use the UI in the .msi file during removal?

    - by billmcc
    Has anyone been able to get Windows Installer to use the InstallUISequence table during removal? I started with an MSI file produced by the Visual Studio msi builder, decompiled it into WiX source code and handcrafted it, but I cannot get the installer to use my UI during removal. It insists on using a default UI provided by Windows Installer. I have also analyzed several MSI files, and I have been unable to find one where Windows Installer will use the provided UI during removal. I captured the msiexec logs during removal, and sure enough, Windows Installer appears to be ignoring the InstallUISequence table. It seems that msiexec runs with minimal UI during removal. If I specify the /qf switch (use full UI) during removal, then Windows Installer does take the UI from the .msi file. However, this doesn't help the regular user, because she won't do the removal from msiexec. Does anyone know of a way to convince Windows Installer to use the UI in the MSI file by default?

    Read the article

  • How do I find information about a particular trojan? "W32/Smalltroj.XVGT", as reported by Norman

    - by Lasse V. Karlsen
    I tried checking the Norman antivirus page, Virus-descriptions, but sadly it seems Norman has intentionally obfuscated their search results (I tried clicking on W, and it seems they just list viruses with a W somewhere in the description, instead of more typical, all viruses with a name starting with a W.) Is there a common virus-list somewhere, or is it as I suspect, every antivirus manufacturer is free to come up with their own identification tags for each virus? Several "vshost32.exe" files, related to Microsoft Visual Studio 2008, has been quarantined on our server today, probably related to a test-deployment of some internal software. Some developer machines that have grabbed that latest version of our program has also had the same files quarantined. Now, these files should not have been deployed in the first case, so I'll be looking into that, but whenever any developer now builds a program locally and attempts to debug, the same file is placed in the build output directory, and promptly quarantined. Does anyone have any clues as to how I can go about verifying this before I pointedly ask the antivirus software to go take a hike on this particular virus? Edit: I've copied one of the quarantined files manually to a machine over the network that doesn't have antivirus installed, and compared the file on that machine with a local copy (on that machine) of the vshost32.exe template file, and they're bit-for-bit identical. I guess this is a false positive. I still would like to know if it would be possible for me to verify this in any other way though, since next time such a trojan might be reported in a compiled file that we won't have a pristine copy of.

    Read the article

  • Virus disturbing my audio

    - by Mike M
    i had a desktop.ini virus on my computer. I managed to get rid of it (i think) but now my Mcafee firewall will not stay on for more than 3 secs before it turns off again. Also something is freezing my computer for a few secs when a window is open, also my audio goes in and out when watching videos and listening to music. I figured out that it only happens when i connect to the internet. I have to restart my PC and quickly disconnect the internet if i want to listen to music. also i have vista

    Read the article

  • clam anti-virus is slowing down my server performance

    - by Scarface
    Hey guys, I just installed clam av http://sourceforge.net/projects/php-clamav/ for scanning file uploads on my linux VPN running php. The problem is that for some reason just initiating the extension in the php ini file slows down my entire network. Regular requests such as changing pages that should take less than 1 second take 5. Has anyone ever experienced this before or have a good virus scanning alternative for scanning file uploads? extension=clamav.so [clamav] clamav.dbpath="/usr/share/clamav" clamav.keeptmp=20 clamav.maxreclevel=16 clamav.maxfiles=10000 clamav.maxfilesize=26214400 clamav.maxscansize=104857600 clamav.keeptmp=0

    Read the article

  • Is pdf virus proof? [closed]

    - by Jonathan
    I am creating a secure document portal for a client. One of the things that they are worried about is having someone upload a document with a virus. One solution that might work is to enforce that they only upload pdf files. My question is two fold: Most importantly, is a pdf document virus proof? How can you determine in a *nix environment that a file is a pdf, besides just looking at the extension. Thanks! Jonathan

    Read the article

  • clam anti-virus is slowing down my server performance significantly

    - by Scarface
    Hey guys, I just installed clam av http://sourceforge.net/projects/php-clamav/ for scanning file uploads on my linux VPN running php. The problem is that for some reason just initiating the extension in the php ini file slows down my entire network. Regular requests such as changing pages that should take less than 1 second take 5. Has anyone ever experienced this before or have a good virus scanning alternative for scanning file uploads? extension=clamav.so [clamav] clamav.dbpath="/usr/share/clamav" clamav.keeptmp=20 clamav.maxreclevel=16 clamav.maxfiles=10000 clamav.maxfilesize=26214400 clamav.maxscansize=104857600 clamav.keeptmp=0

    Read the article

  • HOw to secure whm/cpanel centos server from javascript malacious code virus

    - by Master
    Recently my sites index.php code was replaced some malacious javascript virus code. I really don't know how did that entered into that page. Today when i tried to download that file via ftp then antivirus gave me the warning. So it means it was not entered from my computer. Is there any way to install some antivirus on VPS server with centos 5 , cpanel/whm so that those code should not be allowed to add. also what is mod_security . will it be helpful.

    Read the article

  • After installing Windows what should I do first? update or install antivirus?

    - by EApubs
    Normally, after reformating and installing Windows 7, I used to go online and install all the updates, install all the driver updates and then install the anti virus. Because long ago, when I installed the anti virus first, applying windows updates crashed the AV! So, I install it last. Specially 7 sp1 is critical right? But now im having doubts... Going online without an antivirus means I'm vulnerable! (I have a home router which have a small firewall but I'm not sure about it) So, whats the best thing to do? Install the anti virus first or install the updates first?

    Read the article

  • How do I safely use a virus infected USB drive in Ubuntu?

    - by suhridk
    I have an USB drive which I know is virus infected (an anti-virus on my friend's machine detected it). Unfortunately neither of us know the virus name and I don't want to take the risk of plugging it to my Windows box again. Of course, in all probability the virus affects only Windows. (But I'm not sure) I want to know if I can safely plug the USB into my Ubuntu Lucid laptop and copy the stuff I need from the drive. If there are some precautions I need to follow what would they be?

    Read the article

  • Possible causes for Domain server being unavailable?

    - by serversurfer
    One of our servers was compromised after a user with administrative privileges accidentally loaded a virus from a USB drive on a desktop connected to the domain. The two most obvious symptoms of this were: The server is no longer responding to login attempts The root directory of the drive containing user data has been filled with randomly named empty folders. (Initially it was around a million folders, I've been slowly deleting them.) I've run several virus scans from different vendors and am fairly confident the virus has been removed but the damage is done. I'm hoping the two symptoms are related and that once the directories are gone the server will start responding again. The drive is very slow to respond. I'm deleting about 20k folders at a time. Anymore than that and windows explorer becomes unresponsive. In the event that I finish cleaning up the HD and things don't return to normal what other things can I check?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >