Showing results for tags 'antivirus'.

Found 20 results

  1. As you may have noticed, it has been quite still here for a while. This was related to the preparations for this release: A post disclosing a new type of vulnerability, affecting multiple Anti-Virus solutions. To summarise: Today, I’m disclosing an issue that can be exploited by any local user to gain full control over the endpoint by abusing the restore from quarantine Anti-Virus feature. And because every new vulnerability needs its own name and logo, I want to introduce you to #AVGater:

     The Basics

     But let’s get back on track, by discussing a few Anti-Virus basics. The following diagram shows the inner workings of a typical AV from an unprivileged user’s point of view. There are three different access domains: The kernel mode, the privileged user mode (SYSTEM) and the unprivileged user mode. As shown in the following image, the different components have widely different duties: Within the context of the unprivileged user there is only the AV user interface. By itself, it has no real power, because it’s executing within a limited user session. However, by talking to the AV Windows service it can do many things a normal user would not be able to. For example it may be allowed to restore files from the virus quarantine (This could be a hint – Couldn’t it?). Additionally there is a kernel component. Most likely it’s doing the real work of checking objects for known threat identifiers.

     The Idea

     So what’s the real point here? Well, if a non-privileged user would be able to manipulate any of the communication channels that cross security boundaries (unprivileged user mode to privileged user mode or privileged user mode to kernel mode) he could escalate his privileges. But how to do that? In the case of #AVGater, the answer to this question is: By manipulating the restore process from the virus quarantine: As shown in the above video, #AVGater can be used to restore a previously quarantined file to any arbitrary filesystem location. This is possible because the restore process is most often carried out by the privileged AV Windows user mode service. Hence, file system ACLs can be circumvented (as they don’t really count for the SYSTEM user). This type of issue is called a privileged file write vulnerability and can be used to place a malicious DLL anywhere on the system. The goal is to side load this library for a legitimate Windows servers by abusing the DLL Search Order: If this succeeds, arbitrary code can be executed with the help of the DLLMain entry point.

     But there is still one very important question unanswered: How is it possible to tamper with the restore process? The solution is NTFS directory junctions. They are basically symbolic links for directories that can be created by anyone with the help of mklink.

     #AVGater in plain English: By abusing NTFS directory junctions, the AV quarantine restore process can be manipulated, so that previously quarantined files can be written to arbitrary file system locations.

     Putting it all together

     With all this knowledge, we can now paint a complete attack scenario: First a malicious library is moved to the AV quarantine. Then, by abusing directory junctions the original source path is redirected to another destination. Most likely a folder within C:\Program Files or C:\Windows. By restoring the previously quarantined file, the SYSTEM permissions of the AV Windows user mode service are misused, and the malicious library is placed in a folder where the currently signed in user is unable to write to under normal conditions. Because of how the DLL search order works, it is finally loaded by another privileged Windows process. Thereby the code within the DLLMain of the malicious library is executed. Hence, a local non-admin attacker gained full control over the affected endpoint. Here’s a diagram illustrating the whole process:

     During the preparation for this public disclosure, several different products have been checked for #AVGater. The following vendors have already released their fix. However, there are a few more to come!

     Who is/was affected?

     If anyone finds additional vulnerable products, please contact me. I will report them and update this list as soon as they have fixed the issue.

     Getting our hands dirty

     If you want to know more about how to exploit #AVGater in a real life scenario, I have good news for you: I already fully documented two exploit vectors:

     • Local Privilege Escalation in Emsisoft Anti-Malware by abusing NTFS Directory Junctions #AVGater
     • Local Privilege Escalation in Malwarebytes 3 by abusing NTFS Directory Junctions #AVGater

     Additionally, here are the slides of my talk “When your anti virus turns against you” from the IT SECX conference.

     How to protect myself?

     Generally, it’s pretty simple: Always install updates in a timely manner. However, as some vendors still need a few more days to release their fix, it may take a little till everyone is protected. Furthermore, as #AVGater can only be exploited if the user is allowed to restore previously quarantined files, I recommend everyone within a corporate environment to block normal users from restoring identified threats. This is wise in any way.

     Source
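The check a restore routine can make before writing back to the recorded path, shown next to the unchecked behaviour the post describes. This is an added example, not code from the original post or from any AV product; the function names, the temp-directory layout and the use of a symlink as a stand-in for an NTFS directory junction are assumptions made for illustration.

```python
import os
import shutil
import stat
import tempfile
from pathlib import Path


def is_redirect(path):
    """True if `path` itself is a symlink (POSIX) or an NTFS reparse point
    such as a directory junction (Windows)."""
    try:
        st = os.lstat(path)  # lstat inspects the link itself, not its target
    except FileNotFoundError:
        return False
    if stat.S_ISLNK(st.st_mode):
        return True
    attrs = getattr(st, "st_file_attributes", 0)  # attribute exists on Windows only
    return bool(attrs & stat.FILE_ATTRIBUTE_REPARSE_POINT)


def redirected_components(dest):
    """The file and every parent directory of `dest` that is a link or junction."""
    p = Path(os.path.abspath(dest))
    return [str(c) for c in (p, *p.parents) if is_redirect(c)]


def naive_restore(data, original_path):
    """Unchecked behaviour: write to the recorded path with the service's own
    rights, following whatever the path points to now."""
    with open(original_path, "wb") as fh:
        fh.write(data)


def checked_restore(data, original_path):
    """Refuse to restore when any path component has become a link or junction."""
    hits = redirected_components(original_path)
    if hits:
        raise PermissionError("restore path is redirected at: " + ", ".join(hits))
    # O_EXCL: never overwrite an existing file; O_NOFOLLOW (where available):
    # do not follow a link planted as the final component.
    flags = (os.O_WRONLY | os.O_CREAT | os.O_EXCL
             | getattr(os, "O_NOFOLLOW", 0) | getattr(os, "O_BINARY", 0))
    fd = os.open(original_path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)


def demo():
    """Constructed scenario in a throw-away temp tree. `protected` stands in
    for a directory the requesting user could not write to directly."""
    base = os.path.realpath(tempfile.mkdtemp(prefix="restore-demo-"))
    try:
        user_dir = os.path.join(base, "user", "downloads")
        protected = os.path.join(base, "protected")
        os.makedirs(user_dir)
        os.makedirs(protected)
        original = os.path.join(user_dir, "sample.bin")  # path stored at quarantine time
        target = os.path.join(protected, "sample.bin")

        # Nothing changed since quarantine: the checked restore succeeds.
        checked_restore(b"sample", original)
        clean_ok = os.path.isfile(original)
        os.remove(original)

        # The directory is swapped for a link after the file was quarantined.
        os.rmdir(user_dir)
        os.symlink(protected, user_dir, target_is_directory=True)

        naive_restore(b"sample", original)
        naive_followed = os.path.isfile(target)
        os.remove(target)

        try:
            checked_restore(b"sample", original)
            refused = False
        except PermissionError:
            refused = True

        return {
            "clean_restore_ok": clean_ok,
            "naive_followed_link": naive_followed,
            "checked_refused": refused,
            "flagged_only_swapped_dir": redirected_components(original) == [user_dir],
            "protected_untouched": not os.path.exists(target),
        }
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A path check of this kind still leaves a window between the check and the write; performing the write while impersonating the requesting user removes the dependence on the check, because the normal file system ACLs then apply.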
  2. Kaspersky has been in the news quite a lot recently, primarily because of US concerns over links to the Russian government. The security company also hit the headlines when it filed an antitrust case against Microsoft because Windows 10 disabled Kaspersky antivirus software. But now there's a new reason to be in the news -- and this time it's a good one. The Russian company is launching Kaspersky Free, a free antivirus tool available globally. Company founder Eugene Kaspersky announced that the US, Canada and numerous Asia Pacific countries have access to the software immediately, and the global rollout will continue over the coming months (although it already seems to be downloadable in the UK). The launch coincides with Kaspersky Labs' 20th birthday, and the company says that the increased user-base that will almost certainly come about will help to increase security for everyone thanks to the information that can be gathered for machine learning. Announcing the launch of Kaspersky Free, the company founder couldn't resist making a little dig at Microsoft: This is not -- of course -- going to compete with Kaspersky's paid-for security tools, and it only covers the "bare essentials": email and web antivirus, automatic updates, self-defense, quarantine, and so on, as Kaspersky explains. The software is built on the same technology as its paid-for predecessors, and the company promises that it is lighter on resources. There's also the promise that there will be no advertising, or tracking of user behavior and activity. The release schedule for the software is as follows: You can download Kaspersky Free direct from the company website. Via betanews.com
  3. https://www.facebook.com/bitdefender/app/118554158281905/
  4. Hi, I am selling activation codes for 2 of the best-known security products, the suite: mobile protection + PC antivirus for $10 via PayPal, or just the antivirus for $5. Anyone interested can contact me by PM.
  5. https://www.avast.com/registration-free-antivirus.php
  6. Scan: Filename: 1.apk Type: File Filesize: 262850 bytes Date: 14/05/2015 - 22:40 GMT+2 MD5: bf7b83bb02c4cfb714f176d68458b9a8 SHA1: 2fae38f3901003e2e14179f15fd35c3906a654b1 Status: Infected Result: 10/35

     Features: Change logs v4.0:
     * APK Encryption (AES, DES, TripleDES, Blowfish).
     * Assign custom package name for DJ server.
     * Remove certain features from the server.
     * Remove permissions from the server.
     * Call conversation recording.
     * Live update of currently running app on main panel.
     * User idle time on main panel.
     * Adjust volume on remote device (Alarm, Music, Notification, Ringer, System, Voice).
     * Check latency between DJ control panel and DJ server.
     * Make DJ server persistent even upon factory reset (Requires Root access).
     * Crash Reporter implemented to track DJ server bugs.
     * View Draft SMS messages.
     * Disconnect Me Forever now disables the DJ server instantly.
     * File Voyager supports UTF-8 encoding to support various languages.
     * Fixed several bugs.

     Download: https://yadi.sk/d/pyksqqyGhDkrd Password: fuckeTheDroid
  7. CYBERGATE ENCRYPTED NOW: [info] Fecha del reporte: Tue, 16 Jun 2015 19:32:48 +0000 Archivo: CyberFUD.exe Tamaño: 2052237 bytes MD5: d530a87aa19d75b6b15015028eacf004 Estado: Limpio Detecciones: 0 de 35 (0%)

     SPYNET 2.6 ENCRYPTED NOW: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:02 +0000 Archivo: SpyNetFUD.exe Tamaño: 2046093 bytes MD5: 5b9c84424a48942821b0f63c5af9d2fc Estado: Limpio Detecciones: 0 de 35 (0%)

     DARKCOMET ENCRYPTED NOW: [info] Fecha del reporte: Tue, 16 Jun 2015 19:34:55 +0000 Archivo: DarkCometFUD.exe Tamaño: 2422413 bytes MD5: 7dc0186a7c18402b60b322356da976f3 Estado: Limpio Detecciones: 0 de 35 (0%)

     Download: Download DH Crypter [MOD MAGGICIANCOR] [100% FUD].rar Password: Indetectables.net - MaggicianCOr
  8. Filename: Gerador Crypt By ~ Zeed.exe Type: File Filesize: 3747840 bytes Date: 08/06/2015 - 22:46 GMT+2 MD5: db22e83efba333f778b2a585e591fcc9 SHA1: 2e5082f993e22c8081694e9b7d80a4763c1f9a86 Status: Infected Result: 1/35

     Download https://www.sendspace.com/file/egto0z
  9. Stub: Filename: PT.exe Type: File Filesize: 76288 bytes Date: 06/05/2015 - 03:37 GMT+2 MD5: b147db0e17e6bae978bb309be1daefd8 SHA1: 61e75e18761f9eeacc2a430578b1ea49e424e4a0 Status: Infected Result: 1/35

     Encrypted: Filename: server.exe Type: File Filesize: 107318 bytes Date: 06/05/2015 - 03:41 GMT+2 MD5: 152a6a33274143add9e2154b4bb4ce0f SHA1: 3a97654140b6faf5987366cc2d0edfa390ebbbd0 Status: Infected Result: 1/35

     https://www.sendspace.com/file/ubgdlc The archive is encrypted in rar DES.
  10. File Name: aty.exe = DarkComet MD5: f766539495d37106b4e090ef0e6a5a86 Date/Time: 1-04-15,07:53:51 File Size: 280134 Bytes Reported by Most-Security.com Status: infected Detection: 2/35

     Download: removed - virus Password rar: eazye
  11. DOWNLOAD: Zippyshare.com - Narcis_Crypter_v2 Mod By MCN.rar RAR PASSWORD: MCN

     CRYPTER WORKS ON OS: XP sp1 OK XP sp2 OK XP sp3 OK Vista x86 OK Vista x64 OK Windows 7 X86 OK Windows 7 x64 OK Windows 8 X86 OK Windows 8 x64 OK Windows 10 X86 OK Windows 10 x64 OK

     Tested with bola de Metal and CyberGate v1.07.5

     SCAN BEFORE [info] Fecha del reporte: Wed, 01 Apr 2015 19:48:03 +0000 Archivo: ShadeSTB Antes.exe Tamaño: 45056 bytes MD5: a6e5a28d605c92fcdf0bcb3d04142acf Estado: Infectado Detecciones: 28 de 35 (80%) Reporte generado por Indetectables.net

     SCAN NOW [info] Fecha del reporte: Wed, 01 Apr 2015 19:49:38 +0000 Archivo: ShadeSTB.exe Tamaño: 45056 bytes MD5: 3a0bbf4e1a857d7eda8f3f23d9235155 Estado: Limpio Detecciones: 0 de 35 (0%) Reporte generado por Indetectables.net
  12. Multitasking HTTP bot with functional DDoS attacks and more. Description:
==============================
List of main Betabot functions:
==============================
* System-level userkit (Ring3 rootkit)
Supports x64 \ x86 systems. The rootkit component hooks the low-level x86 system call functions (KiFastSystemCall and x86SwitchTo64BitMode) to intercept all system calls made by a process without leaving visible traces of its activity. Removed hooks are restored automatically by the bot.
* ANTI-AV module
Using a social engineering method (written in 12 languages) that appears as a legitimate UAC window, the bot can raise its rights to administrator level. After obtaining administrator rights, Betabot is able to disable more than 30 antivirus tools! The success rate using this method is about 70%! This key function can be enabled \ disabled through the botnet control panel!
List of supported antivirus tools: AhnLab V3 Lite (XP only), ArcaVir, Avast!, AVG, Avira, BitDefender (on minimal config), BKAV, BullGuard, Emsisoft Anti-Malware, ESET NOD32 / Smart Security, F-PROT IS, F-Secure, GData IS, Ikarus AV, K7 AntiVirus, Kaspersky AV / IS (older versions only), Lavasoft Adaware AV, Malwarebytes Anti-Malware, McAfee, Microsoft Security Essentials, Norman AntiVirus, Norton AntiVirus (Vista+ only), Outpost Firewall Pro, Panda AV / IS, Panda Cloud AV (free version), PC Tools AntiVirus, Rising AV / IS, Sophos Endpoint Antivirus, Total Defense, Trend Micro, Vipre, Webroot SecureAnywhere AV, Windows Defender, ZoneAlarm IS
* ANTI-MALWARE module
This module lets Betabot scan the system (heuristically) for the presence of malware and destroy it (including unknown new trojans \ viruses). A useful module for those who want to "clean" competitors off their loads!
* Bot protection module
The Betabot process \ bot file \ Windows registry data are under constant protection from removal \ destruction, using a variety of methods (not only the rootkit). When deleted, the registry keys and bot file are restored automatically. This module improves the survival of your loads!
* Process injection
Betabot uses several custom-written process injection techniques to evade many antivirus products (at runtime).
Bypass list:
ArcaVir IS - bypass
Avast - bypass
Avast Internet Security - injects, but triggers a sandbox window
AVG Internet Security - bypass
Avira - bypass
Avira Internet Security - bypass
BitDefender - bypass (depending on settings)
BullGuard - tries to kill it after a reboot
Comodo - window
Dr. Web - bypass
ESET AV / ESET Smart Security - bypass
F-Secure - bypass
GData - window
K7 AntiVirus - bypass
Kaspersky Anti-Virus - bypass (depending on settings)
Kaspersky Internet Security - bypass (depending on settings)
McAfee Total Protection - bypass
Norman IS - window
Norton Internet Security - bypass
Panda Internet Security 2013 - bypass
PandaCloud - bypass
PC Tools AntiVirus - bypass
Rising IS - bypass
Total Defense - bypass
Trend Micro - bypass
VIPRE - bypass
ZoneAlarm - bypass
* DNS editor module
Hooks the key functions responsible for DNS on the victim's system. Can be used to replace the output for your loads (for example, for Facebook phishing, redirecting to a fake page, e.g. facebook.com 127.0.0.1)
* File search
Searches for files on the system; has flexible settings and a variety of search filters. All files are packed into a ZIP archive and uploaded to the server.
* Form grabber module
Steals forms from the following browsers: Mozilla Firefox (latest version), Google Chrome (supports SSL), Internet Explorer. All form grabber logs are conveniently sorted in the control panel.
* FTP / POP3 / SSH grabber module
Steals passwords and sends them to the control panel. Everything happens in real time! (Putty, Filezilla, etc.)
* Proactive protection mode (this function is optional and can be enabled \ disabled through the control panel)
In this mode Betabot will block any attempt to install malicious software on the system, and will automatically detect malware that is already installed and remove it from the system! Sometimes you need to turn this function off through the control panel (for example, if you want to load a RAT onto your loads, so that Betabot does not destroy it automatically)
==============================
Additional BETABOT features:
==============================
* <Build size 150KB
* <Config editor
* <Bootkit blocking (prevents installation of bootkits of the Carberp / Rovnix / Gapz families, etc.)
* <Support for 16 servers
--------------------------
* <4 different DDoS attack methods (UDP, HTTP flood, CONNECT-DISCONNECT flood, SLOWLORIS FLOOD (KILL APACHE))
- The Slowloris flood DDoS lets you take down an Apache web server with a minimal number of bots
- The CONNECT-DISCONNECT flood DDoS attack resembles a SYN flood and is based on the TCP protocol. Unlike SYN, where we do not respond to the ACK packet from the server, the CONNECT-DISCONNECT flood goes through the complete TCP handshake (connection) and repeats this many times. For lack of resources to process the large number of connections, the server stops working. I decided not to implement a SYN flood because a full flood of this type is not available on Windows systems (without editing the Tcpip driver), and using third-party drivers is not the best prospect.
- HTTP flood DDoS attack, fully randomized and optimized
- Standard UDP flood DDoS attack
--------------------------
* <USB autorun (LNK with file)
* <SOCKS 4 server (runs a SOCKS proxy on your loads)
* <Download / Update / Execute - standard loader features (supports loading DLL files into the memory of a zombie svchost.exe process, as well as JAR files)
Detailed and attractive panel. Panel screenshots:
Home: http://i.imgur.com/hdXeq1P.png
DNS editor: http://i.imgur.com/K1tt7MC.png
Form grabber filters: http://i.imgur.com/Y7cShSd.png
Realtime Putty / FTP / POP3 grabber: http://i.imgur.com/G03jQ8B.png
Objectives: http://i.imgur.com/eDKBei0.png
Socks proxy configuration: http://i.imgur.com/ritA4WR.png
Control panel requirements
To host a control panel on your server you need the following software: • ionCube Loader 5.3+ • PHP 5.3.x • MySQL • PHPMyAdmin
Download (base64): aHR0cHMlM0EvL3d3dy5kcm9wYm94LmNvbS9zLzZ6YXQ1dGd6ODZlcmd3aS9CdWlsZGVyJTI1MjAxLjcucmFyJTNGZGwlM0Qw
  13. TJX hacking mastermind Albert Gonzalez scoffed at antivirus tools. He and his cohorts wrote malware specifically designed to evade their detection. One can imagine him laughing as his team of hackers broke into corporate networks using SQL injection attacks and gained administrative access. Then he probably guffawed, Bond villain-style, as he uploaded the malware directly into server memory, and when the corporate networks began happily delivering customer credit card data directly to his servers chuckled all the way to the bank. Gonzalez was perhaps the biggest cyber criminal in history. He was eventually jailed for hacking more than 250 companies, ranging from retailers such as TJX and grocery chain Hannaford Bros through to payment processing company Heartland. He pilfered data from under their noses and cost them hundreds of millions of dollars. Even though many of these firms had antivirus software installed, they didn’t detect what he was doing. Why?

Mind the gaps

Don’t be mistaken: antivirus software is a crucial part of any security arsenal and every day malware scanners the world over detect and throttle millions of malicious software strains. This is not a category of software that we should live without. Antivirus tools work by scanning both static files and programs running in memory. They use several techniques to try and detect malicious activity. Signature scanning, which looks for known patterns in files, is a well-established method of finding software nasties, as its scanning code runs in memory, looking for potentially malicious activity as it happens. These are solid, reliable tools but when attackers are determined enough, antivirus software alone may not stop them from grabbing your data. The malware industry thrives on zero-day attacks – exploits using obscure or completely unknown vulnerabilities. A hacker smart enough to devise one – and there are plenty – can get past malware detectors.
The smart IT manager uses complementary technologies to reduce the risk of attack, and one is to look at the potential delivery channels for malware.

Ugly sites

One way in which attacks are delivered is via drive-by downloads. Employees visiting legitimate work sites are relatively safe, but when they visit less savoury sites online they run the risk of being infected by rogue JavaScript running in the browser. Web protection software can reduce that risk by blacklisting certain sites or groups of sites. Filtering web access is a good way to reduce the risk of infection by simply prohibiting access to sites that are not necessary for work. It can also be a worthy complement to antivirus software that will attempt to detect anything installed via the browser. This multi-faceted protection is a basic tenet of modern cyber security. Another important vector is email. This has gained huge traction among attackers, who use it for phishing, and in some cases spear phishing targeting specific companies. Attackers can gather information about a company's organisational structure and employees. The list of sources here is endless, ranging from annual reports through to social media posts. These can be used to socially engineer employees to obtain login details or have them open a file containing a zero-day attack. Employee training is all-important here but it must be backed by a technological solution too. All it takes is for one user to open a file or click a link to a fake IT administrator page asking them to enter their single sign-on password as part of a security audit, and you can wave goodbye to the integrity of your network.

Big phish

The best way to counter threats delivered via email is to choke them off before employees even see them. Monitoring and filtering emails is therefore an important part of any corporate cyber-security strategy.
Email can be scanned for viruses, and it can be controlled still further by scanning for known spam signatures and characteristics. This alone can root out the lion’s share of malicious or pestering emails, increasing employee productivity as well as reducing the risk of compromise. Adding blacklists for known bad domains and whitelists for recognised sources, such as business partners and customers, can be an extra-useful technique for locking email down. The further that companies can keep unscrubbed email away from their IT architectures the better. Pre-filtered email streams contain not only infected files but also large volumes of spam, which serve only to clog bandwidth and servers. Having these filtered offsite by a third-party service mitigates the problem, ensuring that only clean communications touch company servers.

Patch and mend

Even after all these measures have been taken, there is still the chance that a company’s systems can be compromised. The likes of Gonzalez, or the Sony Pictures hackers, are determined assailants. The battle doesn’t stop with web protection or email scanning. Making sure the software running on the network is up to date is an important aspect of any cyber-security strategy so that attackers can’t exploit any of the known vulnerabilities in the average operating system or application. Patch management processes and tools are critical, especially as companies grow larger and IT infrastructures become more complex. Understanding what has been rolled out and when can help IT administrators prevent dangerous holes from appearing in the system. All of these measures, layered onto antivirus software, can help to reduce the risk of a successful cyber attack. Here’s the dirty little secret of cyber security, though: nothing is 100 per cent secure. The key is to make things so difficult for attackers that they decide to move on to easier targets.
The way to do that is to layer your defences, using multiple tools and protecting different parts and communications channels of the IT infrastructure. Managing it centrally also gives you a single point of access, helping you not only to quash incidental attacks but also to spot any emerging trends that could indicate a sustained, targeted assault on your company. This concept reflects a long-established military strategy: defence in depth, in which layers wear down an attacker’s ability to mount an offensive. In a modern environment, where companies live and die by their data, don’t rely on a thin red line to protect it all. Source
  14. Zemana AntiMalware 2 is a complementary, cloud-based antivirus that protects your computer against all malware threats: viruses, trojans, adware, spyware, etc. It helps you remove unwanted applications, useless toolbars or unwanted browser extensions, using several scanning engines. You can use this program alongside any other antivirus already installed on your PC. Thanks to a special promotion you can have this program for free with a lifetime license! Go to this link to take advantage of the offer: Free Zemana AntiMalware 2 (100% discount) | Daily giveaways and discounts | SharewareOnSale -> Source: Zemana AntiMalware – free lifetime license
  15. For many years, different types of malware rank among the biggest IT security threats both in the business and the private domain. In order to protect oneself from the dangers of malware, numerous software manufacturers offer IT security products like antivirus and endpoint protection software. But these products alone offer no sufficient protection from malware that knows some tricks, as the results of our recent research with the topic antivirus evasion show. In the recent past, there were several computer-based attacks against IT networks that became public and raised a lot of media attention. Especially the attacks against the New York Times [1] and the Washington Post [2] at the beginning of 2013 had a world-wide media coverage and also heated the debate about such cyber threats with manufacturers of IT security products like antivirus and endpoint protection software. In both mentioned cases, attackers were able to install malware on computer systems of employees in order to literally spy on the affected companies – and this probably undetected for several months. Once more, incidences like these have pointed out that in spite of the use of IT security products like antivirus software or host intrusion detection/prevention software (HIDS/HIPS) such attacks cannot be entirely prevented. This kind of threat illustrates that enterprises and also government agencies require a master plan with a working information security management and security awareness of all employees. This paper discusses how developers of malware like trojan horses (in short trojans), viruses, and worms proceed to hide their malicious intentions from antivirus software. Thereby, current results of our recent research are presented and recommendations are given for dealing with threats and security risks caused by malware. 

How Antivirus Software Works

Current antivirus software, no matter if a standalone software product or a component of a software suite (host intrusion detection/prevention software, endpoint protection software, etc.), uses different methods to detect known and unknown threats by means of malware. In general, these methods used for protecting computer systems from unwanted, malicious software can be assigned to the following two strategies:

1. Blacklisting
2. Whitelisting

In the context of antivirus software, the two terms blacklisting and whitelisting simply mean that the execution of a program is either explicitly forbidden (being on a black list) or explicitly allowed (being on a white list). Thus, by following the blacklisting approach antivirus software will prevent the execution of programs that are

Read more: http://dl.packetstormsecurity.net/papers/general/outsmarted-malware.pdf
  16. https://www.virustotal.com/en/file/bc570ca7bf79e509cdd1d0350131d561b3f6cd241940e83ac17bc07eb42718bb/analysis/1421906792/ Tested on Coailii Stealer twice. Only once did it show 1/60, from an antivirus I had never heard of. DOWNLOAD: MoAJn2gtbDwa0m0mOxHXnm64ny6q0IHsOxTa+DwC ATOM You're welcome
  17. Everyone wants a free-license promotion for the security product they use. When you find one you are overjoyed, and if you receive it by email without even asking for it, you are ecstatic. Or shouldn't you be? Well, when you receive unsolicited offers, you must be wary and never open suspicious attachments, especially when they contain executable files and their names have nothing to do with the message received. An email is spreading this way with the subject “Norton Antivirus Free 1 Year Trial!”, with the file office.zip attached, which includes the executable office.exe. The file is infected with trojan-type malware, whose detection rate is good: 22 of 56 antivirus scanners, according to VirusTotal.com. The content of the email is tempting and reads as follows: Once run, it will start automatically with Windows, send personal data from your PC to a remote server and download other viruses onto your computer. To DISINFECT, download Malwarebytes Anti-Malware and scan your PC with it. -> Source: Norton Antivirus Free 1 Year Trial! – email with infected attachment
  18. Go to the following game on Facebook and select 10 countries where BD does not exist. http://bit.ly/inteligenta_bitdefender The license is valid for 6 months from the activation of the code.
  19. ESET NOD32 Antivirus 6.0.308.0
Changes in 6.0.308.0:
Fix: Outlook plugin crashed in specific situations
Fix: SSL scanning issue with certain type of data
Direct Download link 6.0 Final - x86:
Direct Download link 6.0 Final - x64:
Note: ESET fixes are flagged as viruses/potentially unwanted applications by ESET; we assure you they are not harmful in any way.
box, mara-fix 1.6 | Trial reset patch. Check the "_Readme!.txt" file for the archive password. This file is not a virus; ESET marks it as a Potentially Unwanted Application because it is created using AutoIt.
Instructions:
1. Install ESET EAV/ESS.
2. Extract the fix using the password above, ignore the Potentially Unwanted Application warning (if any). For your convenience a [VirusTotal.com] report is added. The file is shown as a PUA (Potentially Unwanted Application) because it is created using AutoIt; this is a FALSE POSITIVE.
3. Follow the on-screen instructions and read the ReadMe First message.
4. If ESET is not installed, you can apply the fix during installation. Just run it before installation.
5. Enjoy ;-)
Virus total patch exe (box, mara-fix 1.69) :
MiNodLogin 4.0.1.55 | Inserts license into ESET. Requires Java Runtime Environment. If your antivirus detects any of the programs, MiNODLogin and / or MiNODServer, as a virus, do the following:
- Disable the antivirus (in some cases this is not necessary).
- Install MiNODLogin and / or MiNODServer.
- In Advanced Settings, in the Exclusions option, add the folders where they have been installed (by default, in the eset folder C:\Program Files\ESET\Minodxxx).
- If the antivirus has sent the files to the quarantine, restore them.
Many thanks to everyone for help in improving these applications!
TNod 1.4.2.1 | Inserts license into ESET.
- Uninstall any previous version.
- Add to exclusion sites (including the asterisks): *tukero.* and *tnoduse*
- Add to exclusion the directory where you will download TNod and where you're going to install it (by default it installs in the folder C:\Program Files\ESET\TNod User & Password Finder).
Download link, all 3 (TNod 1.4.2.1, MiNodLogin 4.0.1.55, box, mara-fix 1.6):
  20. Remove Fake Antivirus is used to remove the most popular fake antiviruses. What is fake antivirus? This is a type of virus/malware which disguises itself as an antivirus. It infects your computer when you accidentally click a link on a website which will download the malware onto your computer and run automatically when Windows boots. It scans the infected computer and produces fake alert warnings. It convinces you that your computer is in danger and urges you to purchase a useless copy of the fake antivirus. These fake antiviruses must be removed immediately. List: Windows Smart Warden Home Malware Cleaner Strong Malware Defender AV Security 2012 Data Recovery Wolfram Antivirus Security Protection Windows Antivirus 2011 Mega Antivirus 2012 AVG Antivirus 2011 PC Security 2011 ThinkPoint ThinkSmart Antivirus 8 Security Tool My Security Shield Antivirus 7 Antivirus GT Defense Center Protection Center Sysinternals Antivirus Security Master AV CleanUp Antivirus Security Toolbar Digital Protection XP Smart Security 2010 Antivirus Suite Vista Security Tool 2010 Total XP Security Security Central Security Antivirus Total PC Defender 2010 Vista Antivirus Pro 2010 Your PC Protector Vista Internet Security 2010 XP Guardian Vista Guardian 2010 Antivirus Soft XP Internet Security 2010 Antivir 2010 Live PC Care Malware Defense Internet Security 2010 Desktop Defender 2010 Antivirus Live Personal Security Cyber Security Alpha Antivirus Windows Enterprise Suite Security Center Control Center Braviax Windows Police Pro Antivirus Pro 2010 PC Antispyware 2010 FraudTool.MalwareProtector.d Winshield2009.com Green AV Windows Protection Suite Total Security 2009 Windows System Suite Antivirus BEST System Security Personal Antivirus System Security 2009 Malware Doctor Antivirus System Pro WinPC Defender Anti-Virus-1 Spyware Guard 2008 System Guard 2009 Antivirus 2009 Antivirus 2010 Antivirus Pro 2009 Antivirus 360 MS Antispyware 2009 IGuardPC or I Guard PC Additional Guard
Download: http://olzen.info/RemoveFakeAntivirus.exe