Our good friends over at Symantec love VIPRE so much, they’ve decided to use the logo in their new marketing campaign!
We prefer our colors, of course (I like blue) but otherwise, not a bad copy of our logo.
Imitation is the sincerest form of flattery!
Alex Eckelberry – GFI
DE-Cleaner powered by Avira
Minimum Requirements for the DE-Cleaner powered by Avira:
- Computer from Pentium, at least 266MHz
- Windows XP with at least SP 2, (32 oder 64 Bit)
- Windows Vista (32 oder 64 Bit, SP 1 or higher recommended) Windows 7 (32 or 64 Bit)
- At least 150 MB free disk space
- At least 192 MB memory on Windows XP
- At least 512 MB memory on Windows Vista, Windows 7
- Internet connection for Updating und first time Download
- Please note: At the moment there is no DE-Cleaner available for Linux or Mac OS. Since Internet criminals mainly concentrate on and attack Windows based computers.
The big news in the IT security industry today is the announcement that Intel plans to acquire McAfee for a jaw-dropping $7.68 billion.
Yes, that’s “billion”. Oh to have such pocket money.
Of course, those of us with long memories will know that Intel is no stranger to the computer security industry.
Indeed they used to have their own anti-virus product (Intel LanDesk Virus Protect) which they sold to Symantec in 1998.
Now, Intel is purchasing Symantec’s arch-enemy McAfee and re-entering the business.
Is your computer safe from online threats? The Security Scan performs the following tests and offers recommendations based on the results:
Hacker Exposure Check
Checks whether your computer allows unknown or unauthorized Internet communications.
Windows Vulnerability Check
Checks whether basic information about your computer, including your PC’s network identity, is exposed to hackers.
Trojan Horse Check
Checks whether your computer is safe from Trojan horses.
Here at a security press conference held by Kaspersky Lab, the company demonstrated how some malware detections are easily triggered by innocuous programs.
The problem arises when one vendor detects a threat. Samples are often passed on to other vendors, through multi-scanning services like VirusTotal. The fact that another vendor, particularly a respected one like Kaspersky, detects a threat is enough of a reason to take a serious look at the sample.
After suspecting such problems, Kaspersky created a test which demonstrated the phenomenon. They wrote a series of simple and innocuous programs, compiled them, created false detections for them in their engine, and then submitted the files to Virustotal. Only Kaspersky detected the files at this point.
But standard procedure with VirusTotal is that if at least one of the products detects a submitted sample, it is submitted to the others who didn’t detect it. The idea is that they can then analyze the file and create their own detection.
Instead, what they found was that other companies were creating detections for the false submissions from Kaspersky. The programs create some variables and perform simple mathematical operations on them. They don’t even touch the file system. Kaspersky provided me with the programs and the source code.
Click on these to see some of the detections:
But it turns out that the fact that Kaspersky was detecting the threats was not the only reason the others were. The real problems were the aggressive heuristics in the products and that fact that only a static scan was performed.
And there is something suspicious about a program that appears to do nothing and then exits. Other vendors I communicated with on the matter said that the behavior was not surprising and that a live on-access detection on a system with their product installed would not be the same. For instance, F-Secure said that “[o]n the end users Windows box, these alerts would show up as a prompt, asking the user whether he really trusts the program. In addition, we have massive whitelist databases in our back-ends, so such prompts would only appear from new, unknown applications.”
I suspected that the compiler used to generate the samples might itself be an issue, so I asked Kaspersky about it. They used the mingw crosscompiler, a gcc version for Linux that generates Win32 binaries. It’s possible that the same source code compiled with Microsoft Visual Studio would have generated a different reaction in the anti-malware products, not that it should make a difference. But Kaspersky then creates a “hello world” program with the same compiler and settings and uploaded it to VirusTotal; hours later, even though there were no Kaspersky detections, 2 other products called the sample “suspicious”.
This problem is not entirely new; Hispasec Sistemas Lab of Spain, the company that operates VirusTotal, wrote about it a few months ago (original Spanish, Google translation to English). As they point out, the volume of samples coming into company labs is so enormous that the vast majority has to be handled by automated analysis processes, and perhaps they are designed to be a little more paranoid than humans.
Kaspersky Lab has written an Analyst’s Diary entry on the issue as well.
By Larry Seltzer from PCMag.com
Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.
W32.Fujacks.CB is a worm that spreads through removable drives and network shares. It may download files on to the compromised computer.
Note: This threat has been renamed from Trojan.Matem.
- Wild Level: Low
- Number of Infections: 0 – 49
- Number of Sites: 0 – 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
- Damage Level: Medium
- Payload: Downloads a remote file on to the compromised computer.
- Modifies Files: Modifies the hosts file.
- Distribution Level: Medium
- Target of Infection: Shared drives
Writeup By: Fergal Ladley and Asuka Yamamoto
For More TECHNICAL DETAILS ( Click Here )
Symantec corporation made a tool called Norton security scan, its a tool that using last Norton Virus definitions with scan and detect viruses, spyware, adware and other risks in your computer, so its a useful tool for who want to make sure his computer is safe even if he has other Antivirus products and its free to use for scanning and detect but not removing, if you want to remove the viruses you can upgrade it to Norton 360.
Instructions to Install Norton Security Scan
|Step 1||Click here to start download|
|Step 2||Click “Save File” in the window that appears.|
|Step 3||Click on the “Tools” menu in Firefox. You will see a window displaying your downloads.|
|Step 4||Look for “Setup.exe” in the “Downloads” window and click the “Open” link next to “Setup.exe”.|
|Step 5||Your software will now install.|