Dump SAM Files and System32\Config Directory with Fast Raw File Copier

Thursday, December 29th, 2011

Fast Raw File Copier Pro lets you copy files while showing progress percentages, and it can copy files that generally cannot be copied through traditional means in the Windows OS. An example of a file which cannot be copied due to built-in Windows OS protection is the SAM file which [...]

MalwareHash.com SDK

Saturday, December 3rd, 2011

We have made the SDK for our API service available to our users. Users can download the SDK from their Dashboard. Documentation of the SDK: MalwareHash Function Definitions: /* Validates an API Key in order to use the MalwareHash.com service Returns TRUE if the key is valid [...]

Malwarehash.com: Free API key with 50 queries

Tuesday, November 1st, 2011

We have recently added a “Free API Key” link to the service api.malwarehash.com. Every new user who registers for the service can use this option. When the link “Free API Key” is clicked, it will generate an API key with 50 free queries that can be used for testing the service or for [...]

Integrate Antivirus Scanner Ikarus T3 with EXE Radar Pro

Monday, October 24th, 2011

Download EXE Radar Pro and install it. Download Ikarus T3 (T3 VDB + T3 Commandline Scanner): http://updates.ikarus.at/updates/update.html Extract ikarust3scan.exe to C:\AVs\Ikarus\ and place t3sigs.vdb there as well. Now open EXE Radar Pro and click the Behavioral tab. Open the Custom Scanners tab. Check Enable Custom Scanners. Select the file: C:\Programmi\NoVirusThanks\EXE Radar Pro\Examples\Config.ini In the [...]

Malwarehash.com API Service

Sunday, October 2nd, 2011

Malware Hash is a commercial service offered by NoVirusThanks™ that collects malicious MD5/SHA1 hashes of malware samples that are analyzed by our malware analysts, internal honeypots, sandboxes, submitted by users and captured from our Multi Engine Antivirus Scanner. www.malwarehash.com We have recently finished work on the Malwarehash.com API Service that allows users to query [...]

Malware: UPS notification

Saturday, August 13th, 2011

We have received another fake UPS email containing an infected ZIP archive: Dear customer.   The parcel was sent your home address. And it will arrive within 3 business day.   More information and the tracking number are attached in document below.   Thank you.   Copyright © 1994-2011 United Parcel Service of America, Inc. [...]

NoVirusThanks EXE Radar Pro Videos

Monday, July 25th, 2011

EXE Radar Pro vs Infected Website with Hidden Iframe Password Protect Task Manager Execution Protect your Web Browser Block Execution of New Processes Started by IEXPLORE.EXE Block Processes Using Regular Expressions Remote PHP Notification with EXE Radar Pro Service Integrate Custom Antivirus Scanners with EXE Radar Pro New EXE Radar Pro Rules How to Configure [...]

EXE Radar Pro: Behavioral Analysis vs Blackhole Exploit Kit

Thursday, July 14th, 2011

In this video we want to demonstrate that the Behavioral Analysis feature in NoVirusThanks EXE Radar Pro can successfully block recent versions of Blackhole Exploit Kit. We have enabled the option “Block Process + Quarantine File” in the Behavioral tab. When we visit the infected website, we can see that the payload of Blackhole Exploit Kit is [...]

Blackhole Exploit Kit Served With Google Images Links

Saturday, June 25th, 2011

While searching images on Google Images, we noted a suspicious redirect: hxxp://epnfmackey. info/index.php?tp=81350e0ebb536599 It looks like the Blackhole Exploit Kit URL format! Malicious code can be found by analyzing the page source: The main redirect was created by this malicious URL: hxxp://www.buy-itraconazole. info/noob-tube&page=6 Analysis from NoVirusThanks Sandbox: Connection Established – %ProgramFiles%\Internet Explorer\iexplore.exe – TCP – [...]

Blackhole Exploit Kit Activity

Thursday, June 16th, 2011

Infected website: hxxp://somerandomiframedomain. com Activity: Connection Established – %ProgramFiles%\Internet Explorer\iexplore.exe – TCP – 92.38.232.92 – 80 Web Request – %ProgramFiles%\Internet Explorer\iexplore.exe – GET – somerandomiframedomain.com – /forum.php?tp=9c7447caf251fe78 File Created – %ProgramFiles%\Internet Explorer\iexplore.exe – %UserProfile%\Impostazioni locali\Temporary Internet Files\Content.IE5\OJZMJR51\forum[1].htm – 05BF0A782B09E63E962AF592C04CF640 – 16304 bytes – attr: [] – - Connection Established – %ProgramFiles%\Internet Explorer\iexplore.exe – TCP – [...]