How do I detect and remove a rootkit installed on my router (and/or computer)?

Similar Messages

• How can I detect and eliminate duplicate photos in iphoto?

  I am looking for help. I have many duplicates in iphoto and would would like to detect and eliminate them. Any suggestions?

  For dealing with duplicates in iPhoto check out Duplicate Annihilator
  There are other options. Search on the App Store or on MacUpdate

• How to make detection and acquasition processes faster on 6602 board ?

  Hi to everybody,
  Currently I am using a NI 6602 board. And I am designing my project using VC++ in .NET framework(1.1) .
  In my application, I have to wait a digital signal(triggering signal) to go high level to start my acquasition.
  At first, I tried to check continuously that incoming digital signal in a seperate thread using ReadSingleSampleSingleLine() fxn (polling). In my application there aren't so much threads , just 3-4 threads, and this thread has the highest priority.
  But I recognised that I am missing some acquasition data after I detect the trigger signal.
  In more detail the case is: when the trigger signal arrives, I have to capture an incoming byte(which is available on another 8 digital input lines for just 5-6 microseconds).
  And the problem is : I can detect the trigger signal by polling but I am missing the incoming byte. I am trying to detect the incoming byte using ReadSingleSamplePortByte() function again by polling. The incoming byte disappears before I manage to read it.
  My fist question:
  1. Is there anything that you can suggest to make my detection and acquasition process faster?
  I tried to use digital edge triggering and change detection events hoping to faster my process. But I got an exception about my board does not support that kind of triggering.
  My second question:
  2. Is there any way to use digital edge triggering or change detection events in 6602 board?
  This is the first time I am using an NI board.
  I noticed that 6602 is specialized on timer counter concepts, not on digital I/O concepts. But I don't have a chance to use any other board right now and I have to manage my application using 6602.
  any help is welcomed.
  thanks in advance.
  koray.

  In a more readable form:
  Hi to everybody,
  Currently I am using a NI 6602 board. And I am designing my project using VC++ in .NET framework(1.1) .
  In my application, I have to wait a digital signal(triggering signal) to go high level to start my acquasition.
  At first, I tried to check continuously that incoming digital signal in a seperate thread using ReadSingleSampleSingleLine() fxn (polling). In my application there aren't so much threads , just 3-4 threads, and this thread has the highest priority. But I recognised that I am missing some acquasition data after I detect the trigger signal.
  In more detail the case is: when the trigger signal arrives, I have to capture an incoming byte(which is available on another 8 digital input lines for just 5-6 microseconds).
  And the problem is : I can detect the trigger signal by polling but I am missing the incoming byte. I am trying to detect the incoming byte using ReadSingleSamplePortByte() function again by polling. The incoming byte disappears before I manage to read it.
  My fist question:
  1. Is there anything that you can suggest to make my detection and acquasition process faster?
  I tried to use digital edge triggering and change detection events hoping to faster my process. But I got an exception about my board does not support that kind of triggering.
  My second question:
  2. Is there any way to use digital edge triggering or change detection events in 6602 board?
  This is the first time I am using an NI board. I noticed that 6602 is specialized on timer counter concepts, not on digital I/O concepts. But I don't have a chance to use any other board right now and I have to manage my application using 6602.
  any help is welcomed.
  thanks in advance.
  koray.

• How do I activate Acrobat XPro- I've installed CS6 Premium on my new computer and Acrobat does not work and says its not activated. How do I resolve this problem?????

  How do I activate Acrobat XPro- I've installed CS6 Premium on my computer and Acrobat does not work and says its not activated. It is listed on the programs on the computer but will not respond. How do I fix this?????? Help Adobe?????

  Hi t0m#2410,
  How did you install Acrobat, did you install it as a part of Suite installation.
  If it is a part of suite then deactivate suite uninstall Acrobat, Reinstall Acrobat using Suite media. Launch Photoshop first and Activate.
  Then try launch Acrobat.
  Regards,
  Ajlan Huda.

• How can I detect and remove keystroke logger software?

  I suspect that my soon to be ex-husband has surreptitiously installed keystroke logger software (or other "spyware") onto my MacMini.  Is there a way to detect it and remove it?   Any recommendations for protection software? Or, is it better to wipe the machine clean and reinstall software and files?  I cannot afford a new computer right now, so buying a new one is not an option.

  If you know or suspect that a hostile intruder has either had physical access to it, or has been able to log in remotely, then there are some steps you should take to make sure that the computer is safe to use.
  First, depending on the circumstances, computer tampering may be a crime, a civil wrong, or both. If there's any chance that the matter will be the subject of legal action, then you should do nothing at all without consulting a lawyer or the police. The computer would be the principal evidence in such a case, and you don't want to contaminate that evidence.
  Running any kind of "anti-virus" software is pointless. If I broke into a system and wanted to leave a back door, I could do it in a way that would be undetectable by those means—and I don't pretend to any special skill as a hacker. You have to assume that any intruder can do the same. Commercial keylogging software—which has legitimate as well as illegitimate uses—won't be recognized as malware, because it's not malware.
  The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the status quo ante. The easiest approach is to recover the entire system from a backup that predates the attack. Obviously, that's only practical if you know when the attack took place, and it was recent, and you have such a backup. You will lose all changes to data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.
  If you don't know when the attack happened, or if it was too long ago for a complete rollback to be feasible, then you should erase and install OS X. If you don't already have at least two complete, independent backups of all data, then you must make them first. One backup is not enough to be safe.
  When you restart after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when you transfer the data from a backup in Setup Assistant.
  Select only users in the Setup Assistant dialog—not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.
  Reinstall third-party software from original media or fresh downloads—not from a backup, which may be contaminated.
  Unless you were the target of an improbably sophisticated attack, this procedure will leave you with a clean system. If you have reason to think that you were the target of a sophisticated attack, then you need expert help.
  That being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this  after the system has been secured, not before.

• How to to detect and prevent hidden objects in AD

  in a Delegated OU, if OU owner removes the permission of Domain Admins and sets a Deny permission for Domain Admins, he can create hidden sub-ous, which are not visible for Domain administrators. How to detect those and prevent ?

  If you can't trust someone, don't give them the permissions.  Part of the delegation of control of anything, not just Directory Services is the reliance on the ability to manage there work space responsibly.  You can't stop someone from setting
  the permissions as you state other than to not give them the ability to change the permissions on the root object itself, which can be easily done and is what we do.  Not because we don't trust them, but we try to prevent someone from hurting themselves
  accidentally.
  So just go to the OU in question and change the permissions on the parent only and take away full control.  As a matter of I would recommend that you remove all rights with the exception of read.  Just grant full control to all siblings of the
  OU.
  Paul Bergson
  MVP - Directory Services
  MCITP: Enterprise Administrator
  MCTS, MCT, MCSE, MCSA, Security+, BS CSci
  2008, Vista, 2003, 2000 (Early Achiever), NT4
  Twitter @pbbergs
  http://blogs.dirteam.com/blogs/paulbergson
  Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

• How do I detect (and better yet change) the mechanical action of a Boolean programmatically?

  I am trying to reference controls on a panel of another VI programmatically.  When I parse the VI it is not running, so I do not get errors if I encounter a Boolean in latch mode by reading the value.  Later, when it is running and I try to read or write to that Boolean it generates an error, but that is not when I want to handle the error.  Is there some way to read what the mechanical action of a Boolean is?  Is it possible to change it programmatically?  I can not change anything on the target VI except the mechanical action, no adding event blocks looking for mouse clicks, etc.
  Thanks,
  --Matt

  mviele wrote:
  II can not change anything on the target VI except the mechanical action, no adding event blocks looking for mouse clicks, etc.
  Changing the mechanical action is a significant edit change, so why are you arbitrarily disallowing anything else?
  Easiest would be to exclusively use "switch action" booleans and simulate the latch action in code, e.g. reset it to false elsewhere using a local variable.
  LabVIEW Champion . Do more with less code and in less time .

• HT5244 how to use Flashback malware removal tool

  how to use Flashback malware removal tool after installing it i cant find it>???

  Kappy wrote:
  How he became a Lion user wouldn't be relevant because if he installed Lion, then any previous version of Java would be removed. Unless the OP purposely installed Java there would not be any Java software on the computer. I am pretty sure this is correct given the number of users who have seen fit to point that out to me.
  Yes of course, but Java is only needed as the initial step (installation of the dropper) in the infection process and is not required by the malware after that. Once infected neither the removal of Java nor the installation of a new OS will do anything to disable Flashback. The majority of the components are installed in the users home folder and if he gives up his password, the rest goes into Safari. I'm not certain whether Safari is replaced during Lion installation or not. So there is a good chance that at least some of the malware components are still in operation after an upgrade or migration. That's the only point I'm trying to make. Do you not agree with that?
  I feel that way because of the recent frequency of your remarks in various topics to which I've contributed.
  I only pick on you because you get around to many more people than I can ever hope to, so I want you to have the latest and best info possible. I wish I could do more, but my two other jobs take up almost more time than I have. Besides, I do the same with Linc and Carolyn and probably a few others who's advise I value and I envy that you have all have time to do what you do. But right now I need to get back to work on my taxes or I'll be in a lot of trouble come Monday.
  I would much prefer to do all this in a sidebar, but my level doesn't allow such things, so I do what I can when I can.
  I have Java installed on my systems and do so purposefully. Others may install it because they are prompted to do so. That's why the tools are available both to detect the malware as well as remove it.
  Which brings up a good point. I wonder if those Lion users who are now discovering they need Java get the MRT in the same way as those who install the current updates?

• HT5246 How I start Flashback malware removal tool ?

  Hi plz How I start Flashback malware removal tool ?

  Install whatever security update is available in Software Update.  The update itself removes the malware, and locks down Java to prevent future infection.  If you installed the update and didn't get a message about being infected, you were clean.

• How to detect which Anti Virus is installed?

  I want to know how can I detect which anti virus is installed on the system using C#?
  Jassim Rahma

  You can use WMI to query this information.  The code to do so would work like this:
  ManagementObjectSearcher searcher = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct");
  ManagementObjectCollection result = searcher.Get();
  if (result.Count > 0)
      foreach (ManagementObject item in result)
          Console.WriteLine("Your computer is protected by: {0}", item["displayName"]);
  else
      Console.WriteLine("Your computer is not protected!");
  Note that the location on that first line might be "root\SecurityCenter" on some systems.  It might be best to run this portion of code for both "root\SecurityCenter" and "root\SecurityCenter2".
  Coding Light - Illuminated Ideas and Algorithms in Software
  Coding Light Wiki • LinkedIn • ForumsBrowser

• How can detect and remove scanned white pages in an OCRd pdf file?

  How can detect and remove scanned white pages in an OCRd pdf file?

  Acrobat does not support an automated way of doing this directly. You can
  remove completely blank pages (pages that don't have any "marking
  objects"), but a scanned page does contain an image, so Acrobat won't help
  you here. There are a number of 3rd party applications and plug-ins
  available. Try a Google search for
  remove blank pages from scanned
  pdf<http://www.google.com/search?client=safari&rls=en&q=removeblankpagesfromscanned+pdf&ie=UTF-8&oe=UTF-8>
  This will bring up a few different solutions.
  Another way is to use JavaScript to find text. You say that these documents
  are OCRed, so if you have a blank page, it should not have any text on it.
  With some JavaScript, you can identify pages that don't contain text. This
  may however fail if you have a page that contains just e.g. a photographic
  image. There won't be any text, but the page is certainly not blank.
  Karl Heinz Kremer
  [signature removed by host]

• Adobe_flashplayer_e2c7b_Setup.dmg Is this malware? If so, how to detect and remove it?

  adobe_flashplayer_e2c7b_Setup.dmg 
  Is this malware? If so, what is the easiest way to detect and remove it?

  There is no need to download anything to solve this problem.
  You may have installed one or more of the common types of ad-injection malware. Follow the instructions on this Apple Support page to remove it. It's been reported that some variants of the "VSearch" malware block access to the page. If that happens, start in safe mode by holding down the shift key at the startup chime, then try again.
  Back up all data before making any changes.
  One of the steps in the article is to remove malicious Safari extensions. Do the equivalent in the Chrome and Firefox browsers, if you use either of those. If Safari crashes on launch, skip that step and come back to it after you've done everything else.
  If you don't find any of the files or extensions listed, or if removing them doesn't stop the ad injection, ask for further instructions.
  Make sure you don't repeat the mistake that led you to install the malware. It may have come from an Internet cesspit such as "Softonic" or "CNET Download." Never visit either of those sites again. You might also have downloaded it from an ad in a page on some other site. The ad would probably have included a large green button labeled "Download" or "Download Now" in white letters. The button is designed to confuse people who intend to download something else on the same page. If you ever download a file that isn't obviously what you expected, delete it immediately.
  Malware is also found on websites that traffic in pirated content such as video. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates (OS X 10.10 or later)
  or
            Download updates automatically (OS X 10.9 or earlier)
  if it's not already checked.

• I was told by apple support that I have malware on my iMac that is trying to convince me to buy their cleanup software.  I was told it was a scam and my computer is not infected, but they want my credit card info.  How do I remove the malware?

  How do I remove malware from my iMac?

  you can do a Google search for "anti-virus" and "mac" and see what you come up with. I think Norton now makes a program for mac with anti-trogan and anti-rootkit detection, and hopefully it'll get better with more time and more complaints
  As laverne's mom said, Norton's should never be installed on any Mac - period. I would not let it within 10 feet of my machines. It creates so many problems, it should be considered malware.  If you must install AV software, try ClamXAV; it is free. However, there are no viruses for Mac; the current problem is a trojan and if due diligence is observed, there is no problem.

• Need to detect and remove malicious software on MacBook Pro

  MacBook Pro 10.6.8 infected with Koobface Virus contracted @ facebook via Tag Friends App + Adobe Flash Player. Lost access to hacked fb page now shows as phishing site. How can I safely detect and remove malicious software?
  Thanks

  Welcome to Apple Support Communities
  OS X has got its own security systems, so you don't need any antivirus. Furthermore, they will only slow down your computer. If you want more information, read > http://www.thesafemac.com/mmg
  If you want an antivirus, install ClamXav, but you don't need an antivirus

• PDFExport fonts. How they are detected, difference between bold and italic.

  Hi,
  i am experiencing issues with PDFExport mainly because i don't understand how the engine detects fonts in the original document.
  First i will explain my issue:
  PDFExport is used on linux machine environment.
  Copyright reasons prevents me from using windows fonts for PDFExport. I downloaded some open source fonts, most of time they are working fine. the issues that i have are with the variations the fonts. italicized and bold.
  Lets take an example of a .doc file. the file contains Hebrew characters some of them are bolded some italicized and some are regular. the font that .doc used is a windows font called David.
  When i use PDFExport with the original David fonts everything works fine and converted correctly to PDF. Since i cannot use windows fonts i resorted to using the Open Source fonts, they too have similar in style to David. they have bold version, italicized version and regular version.
  When i use the open source fonts the detection of the font is incorrect. the entire document becomes italic. when i remove the italic version of the font everything is bold. and when i remove the bold version everything becomes regular. -- i am missing the bold and italic styles when they are used in the document.
  (note that the original document can use any font it wants not restricted to the Copyright issue)
  if i understood how the detection worked, i could modified the open source fonts that i have so that it will detect correctly all the different style (bold and italicized ) correctly.
  my first question:
  How can i use the Open source fonts and also not lose the bold and italicized styles?
  my second question:
  2. Is there a way to recieve via the API which fonts the engine looked for and didn't find? it can help me to better understand which fonts i need. and may be look for them and bring them manually.
  sometimes even when i used the entire windows fonts folder still the fonts where missing or incorrect. (in the resulted converted PDF 'squares' instead of characters). an API like this may help me look for the missing fonts.
  my third question:
  is there a general guide or Standard which fonts to use. i wish to use the minimum number of fonts which will get the job done. i.e characters will be visible and not squares, styles (bold and italicized) should not be lost.
  my forth question:
  How do the engine choose which font to use?

  These are very deep technical questions and I assume it will be difficult to find anyone who knows answers on this forum.
  You will need to speak with Outside In people (you could also try other conversion component such as OpenOfficeConversion - see http://docs.oracle.com/cd/E23943_01/doc.1111/e10800/c03_pdfi_all.htm#IBRAG238). Contacts to OIT are available at Oracle Outside In Technology, or try to create a SR via Metalink.