Forum profile page for Malware on http://www.sysinternals.com.
This report page is the aggregated overview from a single forum: Malware, located on the Message Board at http://www.sysinternals.com.
This forum profile page summarizes the general forum statistics such as: Users Activity, Forum Activity, and Top Authors, which are reported in either a table or graph below for a given reporting time period.
Additional forum profile information for "Malware" on the Message Board at http://www.sysinternals.com is also shown in the following ways:
1) Latest Active Threads
2) Hot Threads for Last Week
Warning: These statistics are generated using 'best efforts' and can experience delays and reporting errors at times. Please note that such statistics do not constitute a forum's popularity and/or exact posting volumes at any given reporting period.
Posting activity on Malware:
         | Week | Month | 3 Months
Threads: | 23   | 105   | 245
Post:    | 57   | 249   | 531
Malware Posting activity graph:
Top authors during last week:
user's latest post:
Removeit pro detections
Published (2009-12-20 00:00:00)
Hello Bomb 123, Removeit Pro is the ROGUE. Look here on user reviews (and read Assiste.com post): http://www.softpedia.com/progViewOpinions/RemoveIT-Pro-25600,.html Also here on wilderssecurity thread: http://www.wilderssecurity.com/showthread.php?t=109883 Look on sysinternals thread: 'FAKE / ROGUE / SCAREWARE Antivirus & Antispyware':...
user's latest post:
QUICK NEWS - Worldwide Malware...
Published (2009-12-20 00:00:00)
@PROROOTECT What so? Any complaints? Script-kiddie, who posts here only SPAM, NonSense and Bull/Sh1t is insulted? Always nice to see when trolls like PROROOTECT become too stupid, like now. Report, abuse, do whatever you want, this does not help you even a bit. Give me a frog!
user's latest post:
Removeit pro detections
Published (2009-12-20 00:00:00)
Let's take a closer look at these detections... http://www.virustotal.com/analisis/21793f8b54906ebd1dada5bc350bae8399e49409c889bf6dc6294acb13baf797-1261305597
user's latest post:
VIRUT infection, Please help
Published (2009-12-16 18:50:00)
Micro malicious software found 5 this morning. These 5 seem to hook back somehow. Going to slave the drive again and file assassin the infected files. (as I did explorer.exe)
user's latest post:
QUICK NEWS - Worldwide Malware...
Published (2009-12-14 20:53:00)
var now;
var SignatureCount;
var SignatureStr;
var Period;
var t;
// Signature counter increments every secondstoupdate seconds
var secondstoupdate = 9;
// Startcount is the number of malware signature to start with
var startcount = 2400000;
// Startdate is the number of milliseconds since Jan 1, 1970
var startdate = 1229538514055;
/* When changing the secondstoupdate number, set the startcount to the current signatures value on the website,...
user's latest post:
Removeit pro detections
Published (2009-12-20 00:00:00)
After a brief look at this application in a VM, the only conclusion I can come to is that you do as its name suggests and RemoveIt from your PC. Poor detection methods and ridiculous number of false positives. Their website even confirms some of what was detected in your scan as safe
user's latest post:
Rootkit TDL 3
Published (2009-12-16 02:24:00)
hitman pro 3.5 will find and clean it
user's latest post:
Kernel Detective
Published (2009-12-17 16:47:00)
Hi PRO, It works fine here in the same situations, you sure you selected other process than "SYSTEM" or "System Idle Process" to show its DLLs? BTW what's the benefit of changing its compatibility? [GM]
user's latest post:
Commercial Root kit: Credant CMG?
Published (2009-12-17 23:28:00)
That just deactivates the machine but doesn't decrypt the hard drive. WSDecrypt decrypts the hard drive. It looks like that is all controlled by policy now in 5.4. Now if I can just figure out how to get rid of Enterprise policy and convert a local machine to pull policies from itself. Then I could just say don't encrypt.
user's latest post:
QUICK NEWS - Worldwide Malware...
Published (2009-12-20 00:00:00)
With respect, Wind it in P. and consider some of your posts for a minute...look at some of the people that post here. If you understand your flack you may start posting in a way that gains some respect. Originally posted by PROROOTECT Have you seen this aggressive EP last post in Quick News thread, please? Perhaps now is the time to get it banned from this forum? How can you post this rubbish even getting stick you must appreciate the...
Latest active threads on Malware:
Started 2 months, 1 week ago (2009-10-17 15:33:00)
by PROROOTECT
Triumfant: The Worldwide Malware Signature Counter (on REAL TIME!): 5,317,000 + malware signatures today!
Triumfant.com: http://www.triumfant.com/default.asp
P. Edited by PROROOTECT - 17 October 2009 at 4:05pm
Started 4 days, 5 hours ago (2009-12-20 00:00:00)
by PROROOTECT
Hello Bomb 123,
Removeit Pro is the ROGUE.
Look here on user reviews (and read Assiste.com post): http://www.softpedia.com/progViewOpinions/RemoveIT-Pro-25600,.html
Also here on wilderssecurity thread: http://www.wilderssecurity.com/showthread.php?t=109883
Look on sysinternals thread: 'FAKE / ROGUE / SCAREWARE Antivirus & Antispyware': ...
Started 2 weeks, 1 day ago (2009-12-08 16:33:00)
by nullptr
Did you run portmon at any stage from sysinternals Live? ASUSHWIO.sys is usually an asus driver.
Started 10 months, 1 week ago (2009-02-17 09:06:00)
by Cretemonster
There is no recovery from Virut...FUFI! Format in other words.
Started 7 months ago (2009-05-22 10:30:00)
by GamingMasteR
Hi, It's just a separator between each processor IDT.
Started 5 months, 2 weeks ago (2009-07-06 13:33:00)
by controler
Appears some government agencies use it. Unless things have changed, Kevin (Boclean) said the government would not let him mess with the kernel at all, which hindered his work. Which product did you install? Have you looked at it with an antirootkit to see what is going on?
Started 4 months, 1 week ago (2009-08-15 14:20:00)
by fl3a
CodeWalker 0.2.4.500 http://cmcinfosec.com/download/cmcark_cw0.2.4.500.rar
KernelDetective 1.3.0 http://www.at4re.com/files/Tools/Releases/GamingMasteR/KERNEL_DETECTIVE_V1.3.0.ZIP
Radix 1.0.0.8 http://www.usec.at/downloads3/radix_installer.zip
Started 3 weeks, 2 days ago (2009-11-30 17:42:00)
by ntunldr
I'm creating this topic for grouping information about TDL series rootkit. First topic with TDSS description TDL 1 (analysis by A_D_13) Interesting new malware TDL 2/2+ (analysis by A_D_13) Interesting new malware, part 2 TDL 3 (analysis by thug4lif3) TDL3 - Why so serious? Let's put a smile on that face .. TDL 3/3+ (analysis by Dr.Web, ...
Started 1 month, 2 weeks ago (2009-11-09 11:20:00)
by NTInternals
It looks as if this news is no longer available? Could you post it one more time or translate it?
Alex
Started 5 months, 2 weeks ago (2009-07-06 19:02:00)
by SystemPro
DDE and Drwatson, how well-known. Edited by SystemPro - 07 July 2009 at 8:21am
Hot threads for last week on Malware:
Started 2 months, 1 week ago (2009-10-17 15:33:00)
by PROROOTECT
Triumfant: The Worldwide Malware Signature Counter (on REAL TIME!): 5,317,000 + malware signatures today!
Triumfant.com: http://www.triumfant.com/default.asp
P. Edited by PROROOTECT - 17 October 2009 at 4:05pm
Started 7 months ago (2009-05-22 10:30:00)
by GamingMasteR
Hi, It's just a separator between each processor IDT.
Started 10 months, 1 week ago (2009-02-17 09:06:00)
by Cretemonster
There is no recovery from Virut...FUFI! Format in other words.
Started 4 days, 5 hours ago (2009-12-20 00:00:00)
by PROROOTECT
Hello Bomb 123,
Removeit Pro is the ROGUE.
Look here on user reviews (and read Assiste.com post): http://www.softpedia.com/progViewOpinions/RemoveIT-Pro-25600,.html
Also here on wilderssecurity thread: http://www.wilderssecurity.com/showthread.php?t=109883
Look on sysinternals thread: 'FAKE / ROGUE / SCAREWARE Antivirus & Antispyware': ...
Started 2 weeks, 3 days ago (2009-12-06 21:17:00)
by dsilvers
You have a number of services and .exe running from a .tmp folder. If I don't miss my guess they are mostly leftovers from rkr. You can use sc delete to remove them if they are sysinternals files. Some appear related to DR web and lavasoft. I assume you have or have had them installed at one time. IF they are rkr leftovers they will be manual start. Have a look ...
Started 2 weeks, 1 day ago (2009-12-08 16:33:00)
by nullptr
Did you run portmon at any stage from sysinternals Live? ASUSHWIO.sys is usually an asus driver.
Started 3 weeks, 2 days ago (2009-11-30 17:42:00)
by ntunldr
I'm creating this topic for grouping information about TDL series rootkit. First topic with TDSS description TDL 1 (analysis by A_D_13) Interesting new malware TDL 2/2+ (analysis by A_D_13) Interesting new malware, part 2 TDL 3 (analysis by thug4lif3) TDL3 - Why so serious? Let's put a smile on that face .. TDL 3/3+ (analysis by Dr.Web, ...
Started 5 months, 2 weeks ago (2009-07-06 13:33:00)
by controler
Appears some government agencies use it. Unless things have changed, Kevin (Boclean) said the government would not let him mess with the kernel at all, which hindered his work. Which product did you install? Have you looked at it with an antirootkit to see what is going on?
Started 1 month, 2 weeks ago (2009-11-09 11:20:00)
by NTInternals
It looks as if this news is no longer available? Could you post it one more time or translate it?
Alex
Started 5 months, 2 weeks ago (2009-07-06 19:02:00)
by SystemPro
DDE and Drwatson, how well-known. Edited by SystemPro - 07 July 2009 at 8:21am