Perhaps you, my readers, are tired(bored) to read articles about complicated malware analysis and how to disinfect the computer manually which sometimes is a tough job, so I thought it is a good idea to offer you an easier solution to keep your computer protected from malware.  My idea is to reward my website visitors with a free 1 year  license key for Avira Antivirus Premium 2012 — the license will be bought by me. Avira Premium 2012 is an antivirus that I love for its simplicity, its [...]

As requested by one of the site’s visitor, today I have tested Webroot SecureAnywhere Antivirus 2012 (hereinafter referred to as WSAA) against the same bunch of malware as in the last article, to make a comparison between it and ByteHero Unknown-virus Detection Software (BDV). The main idea was to test the heuristic analysis capabilities of these products. With an installer of about 618 KB, WSAA seemed to be another revelation and when I received the trial installation key in a webpage containing [...]

A few days ago when I was scanning a file on virustotal.com, I noticed a name less known to me: ByteHero. Googling a bit I found the official product website at: http://www.bytehero.com/english.asp. The software is developed in China by ByteHero Information Security Lab and is promoted as a first class dynamic and static heuristic analyzer. Because the main component of it is a heuristic detection engine, the software does not need a virus signatures database therefore there is no need to be updated [...]

These days the debate about Android platform malware become more intense than ever. On one side the open source and public sector engineering manager at Google, Chris DiBona wrote an article at Google+ blog containing some incendiary sentences like: No major cell phone has a ‘virus’ problem in the traditional sense that windows and some mac machines have seen. There have been some little things, but they haven’t gotten very far due to the user sandboxing models and the nature of [...]

The improvements in the new TDL4 bootkit versions are suggesting that the original code was outsourced. For example in the older TDL4 versions the computer infection was initialized by infecting the Master Boot Record(MBR) of the hard disk with malicious code and the attempts to fix it were initially thwarted hooking and malforming the disk read-write operations. In the recent TDL4 versions, the bootkit does not infect the MBR anymore, instead it creates its own primary and hidden partition with [...]

The keyword “antispyware” has around 2000,000 monthly searches in Google search engine and it’s obvious why nowadays when the security related websites are abundant with news about new computer trojans, new dangerous creations which have in fact a unique objective: not to delete Windows installation, not to take over the mouse and keyboard but to spy silently and unnoticed on the victim’s computers or networks, posing a huge risk for all non public data. If we search in Google [...]

The backdoor trojans from Buterat(Butirat according to Dr.Web security vendor) family appear two years ago on the scene and was improved by its creators with each version. The latest version added new features as self modifying the data in the PE header(the executable file first bytes) in order to modify its hash. This renders unusable or better said ineffective the identification based on file hashes and antivirus detection based on files signature is deceived packing the malware with modified version [...]