Search found 1105 matches

by rkhunter
Sat Jul 23, 2011 12:35 pm
Forum: Malware
Topic: Trojan WinAD (alias Ransom.ER, Winlock, Win32.Timer)
Replies: 164
Views: 173270

Re: Trojan.Winlock - WinAD

Maybe the sites have already been taken down. Unfortunately, I did not keep the samples.
by rkhunter
Sat Jul 23, 2011 12:03 pm
Forum: Malware
Topic: Trojan WinAD (alias Ransom.ER, Winlock, Win32.Timer)
Replies: 164
Views: 173270

Re: Trojan.Winlock - WinAD

To GMax, thanks a lot!
by rkhunter
Sat Jul 23, 2011 11:22 am
Forum: Malware
Topic: Trojan WinAD (alias Ransom.ER, Winlock, Win32.Timer)
Replies: 164
Views: 173270

Re: Trojan.Winlock - WinAD

To GMax: What service do you use to get such detailed information? I have some links: hxxp://rating-2011.ru/xxxvideo.avi.exe hxxp://erotic-a.ru/xxx_porno_video.avi.exe For both hosts, ISP: FOP Opria Ruslan Dmitrievich, Server Location: Ukraine. But the full address is not present. Useful Russian service - htt...
by rkhunter
Fri Jul 22, 2011 8:52 pm
Forum: General Discussion
Topic: Anonymous members was arrested
Replies: 6
Views: 6592

Anonymous members was arrested

16 Suspected 'Anonymous' Hackers were Arrested. Info + video: http://www.foxnews.com/scitech/2011/07/19/exclusive-fbi-search-warrants-nationwide-hunt-anonymous/ FBI press release: http://www.fbi.gov/news/pressrel/press-releases/sixteen-individuals-arrested-in-the-united-states-for-alleged-roles-in-c...
by rkhunter
Fri Jul 22, 2011 7:58 pm
Forum: Malware
Topic: Trojan.Winlock - Pornoblocker
Replies: 47
Views: 58865

Re: Trojan.Winlock - Pornoblocker

Maybe there is a list of dark-side hosting providers in Russia/Ukraine that distribute blockers? As far as I know, they are distributed from porno sites and legal hosts such as Narod/Yandex.
by rkhunter
Fri Jul 22, 2011 7:22 pm
Forum: Malware
Topic: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader)
Replies: 83
Views: 117530

Re: Trojan.Mayachok.2

Probably they updated it for x64 systems - x64 browsers. The previous version did not work correctly for x32 browsers (on start, the browser crashed) on x64 systems. And it did not work for x64 browsers (no banner).
by rkhunter
Wed Jul 20, 2011 9:23 am
Forum: Malware
Topic: Rootkit ZeroAccess (alias MaxPlus, Sirefef)
Replies: 374
Views: 322920

Re: Rootkit ZeroAccess (aka MAX++)

Webroot wrote: ZeroAccess Gets Another Update. Last week ZeroAccess received another update, and again it’s a major one. The rootkit shifted from a hidden encrypted file used as an NTFS filesystem volume to a more comfortable hidden directory created inside the Windows folder, where the rootkit stil...
by rkhunter
Wed Jul 20, 2011 9:04 am
Forum: Tools/Software
Topic: Epic Fail from IDA and ESET
Replies: 14
Views: 18728

Re: Epic Fail from IDA and ESET

The previous link to the nfo is not working;
it is available here http://webcache.googleusercontent.com/s ... m/Q6p4CEbg
by rkhunter
Mon Jul 18, 2011 12:30 pm
Forum: Malware
Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)
Replies: 595
Views: 636913

Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

Video about Dr.Web Scanner curing TDL-4
http://www.youtube.com/watch?v=fNlTigi8RAc