When looking for infected files at the compromised server I recommend the admins to check the 404 error page which is often modified by hackers to...
The server with IP address 66.79.164.134 was blacklisted because of the malware distribution. Infections originated from this address were...
Description of the malware from Sucuri LLC: http://sucuri.net/new-malware-evalfunctionpacked.html I was looking for info about this malware...
I agree, using a browser extension to limit JavaScript is very effective in reducing the risk of being infected. Unfortunately an end user has to...
We have noticed multiple websites are still compromised. The websites are running the same malware which was inserted by hackers probably several...
Some Torrent sites are trying to generate income by providing third party sponsor applications. Sometimes the offer to download/install the...
You can unblock blocked addresses by entering the *blocked_domain* into the List of addresses excluded from filtering and marking the List...
In order to fix the problem, cease usage of the obfuscation. You can find a detailed explanation here:...
In the last message I see a third party blacklisted website which works on similar principle as clickjacking video sites. Most probably some of...
Disabling the advanced heuristics is a serious security compromise as it not only disables the NewHeur_PE detection but almost all Win32 generic...
It is very unlikely for the static signature Win32/TrojanDownloader.Small.PAC trojan to create a false positive. This detection targets infected...
I downloaded the newer build of avast! from a download server and discovered the OpenCandy plug-in was removed from the installer. It was nice...
We have been informed by Mr. Thompson (OpenCandy CEO) about their new internal policy to determine suitability of promoted applications for their...
Plan A: You can try to contact the Kanvaso.com team again and inform them about disadvantages of this obfuscation. If they are interested they...
I appreciate you decided to share your opinion. There is also the performance issue which I have already mentioned. A plain JavaScript code...
Hi Ncsapko and welcome to the wilders, Did you read my previous post http://www.wilderssecurity.com/showpost.php?p=1868378&postcount=12 about...
Obfuscation has more disadvantages than advantages. It makes the script look like malware, it introduces non-zero delay each time prior...
MAXA Cookie Manager from MAXA Research Int'l Inc. has the identical code as Ultimate Cookie Manager from Treasure Island Software. It is very...
The file you have sent is most probably clean and it looks like an uninstaller of some application. The file was developed using the Java2exe...
I think there is a bug in the virus and sometimes it infects a copy of notepad.exe in the incorrect way, resulting in creating harmless...
You can submit the file according to the instructions: http://kb.eset.com/esetkb/index?page=content&id=SOLN141
Is something detected on the webpage or do you have some more details about the issue?
When the viruslab colleagues read complaints about undetected rogues they are often asking: “Where are those undetected samples?” and expecting...
Here is the updated link to the McAfee's article Who Digs the Elephant Trap? http://blogs.mcafee.com/mcafee-labs/who-digs-the-elephant-trap
Just a note about the AV testing. My colleagues had a presentation called AV TESTING EXPOSED at the VIRUS BULLETIN conference VANCOUVER 2010. The...