Free Program for Removing Trojans
Jan 31, 2009 - Now most all major anti-virus/security software vendors have issued anti-rootkit solutions, though some are still in a beta release form. How seriously. An excellent free removal tool for a fair number of the nastiest trojans and other network vermin that I wrote about [here]. The version that is current.
Our computer is a profitable investment. Today, we use computers for such a large number of things. We use Word Processors to compose reports for work or essays for school.
We play electronic games and use the internet for various things, such as shopping, staying in contact with friends and family, keeping money, researching, and significantly more. Our computer is an intense machine that can be used for such huge numbers of purposes, as long as it is legitimately tended to and kept up. If not, it can progress toward becoming something not any more useful than a heap of plastic and metal.
Of course, the site you are on right now “can’t do any harm”, except maybe trigger an epileptic seizure or a desire to look at a better-designed blog (which it isn't really, but that's another story ;-)), but the very message from the title was stuck onto this one, and onto all other Google search results today, from 16:10 to 16:30, all over the world!
Yep. Because of the outage of Stopbadware.org, the system that provides Google with relevant information about “badware” (malicious) sites, all Google results were marked as “badware”. ALL Google search results were affected by this error, regardless of whether it was Google.com or a localized version of the search engine.
I'm really curious when Google will write an official explanation and what it will sound like. First Google (and some other, not so important/popular services) and badly shakes many people's trust in cloud computing, and now a trivial (in its origin) error like this shows up, one that could probably have been avoided with a few lines of code. Google itself documented this outage fantastically, long live Google tools! this event this is Google Trends for 2009 01 31.
The explanation from Google has arrived, hehe, as I said: a couple of lines of code! When the juiciest (but cold) geek chick Marissa is the one writing about it, it means things are fucking hot in Mountain View.
What happened? Very simply, human error. Google flags search results with the message “This site may harm your computer” if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers.
We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms. We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here’s the human error), the URL of ‘/’ was mistakenly checked in as a value to the file and ‘/’ expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file.
Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., so the duration of the problem for any particular user was approximately 40 minutes. Posted by Marissa Mayer, VP, Search Products & User Experience
It wasn’t really my intent to go back and revisit all these security post lists. That’s just how it seems to have turned out. Software gets developed and updated. New and better versions get released. So this time, I’m re-visiting my original anti-rootkit post: To summarize: “a rootkit is executable code that attempts to evade detection of running processes, files or system data. There are many ways it can do this, but the end result is that they are very hard to find and can make an infected system look clean and safe even to traditional anti-virus and anti-malware software.” More here: At the time of my original post, there were just a handful of anti-rootkit tools available to the public.
I just offered five. Now most all major anti-virus/security software vendors have issued anti-rootkit solutions, though some are still in a beta release form.
The Threat
How seriously concerned should the average user be? Well, if you are practicing “safe-surfing” by staying away from “risky” websites, keeping your operating system patched, scanning all files downloaded and sent in email with an up-to-date anti-virus program, you should be mostly ok. I say mostly because, even if you are playing by the rules, certain individuals would like nothing else than to get a home-broadband user’s system infected with a rootkit. Not so much to steal your personal information–though that’s always a potential target–but to install trojan services that would allow them to leverage the system for attacks on other larger systems, spam-mail-bot rental services, or even hosting of their hidden/illegal files on the system.
Any of these events could seriously make a home or corporate user’s system a great big pile of steaming cow-dung for the user and those impacted by those services. SANS-ISC recently reported that Europe has been pounded lately by emails which include variants of a virus/trojan loader file. While bad, it doesn’t sound too serious... but! HeiseSecurity in Germany expands the story with more details, much more disconcerting. What the trojan seems to be doing is download additional files from the internet, and “according to, one action it takes is to install the rootkit Win32.agent.dh.” Depending on the anti-virus company, different names may be used. Over at the Anti Rootkit blog: Steo does some more research on just how this rootkit does its deed.
Rootkit writers aren’t happy about the attention. Just this week, they have worked to get the mirrors shut down under a massive DDOS attack. As soon as new mirrors for the files went up, they also were attacked. More information: and blog post: The battle for pc security rages on.
The Response
There are a number of ways to look for a rootkit on your system.
The first is to download and run several of these rootkit detection tools on your live system. These rootkit detection tools are specially programmed to check for hidden files and masked running or injected processes. It’s a cat and mouse game, and some tools and methods are more effective than others. Just as hard as the security programmers work to prevent and detect these rootkits, the developers on the other side are working to make them more difficult to be detected.
A second technique is to download and run several of these rootkit detection tools onto a USB drive. Then using a bootable “LiveCD” like or, run the appropriate rootkit detection tools on the “dead” system’s drive(s). This may be a much more effective approach.
Since the infected system isn’t being booted, the drives just contain “static” data files that shouldn’t be executed. They could be, but that’s the point... to not run or launch any files on the potentially compromised system. That way they can be detected and removed while “dormant”. Using a Linux “LiveCD” to scan a Windows system disk is even more safe as the likelihood of cross-contamination is almost non-existent. If a rootkit is found you have two options: 1) Use one of the detection/removal tools to–hopefully!–remove it.
Or, 2) recover your critical data files to another drive/media location, then do a full wipe of the infected system, and reinstall it fresh. Speaking as a half-way competent computer geek, I personally would feel more comfortable going with option two, because otherwise I would always have a shadow of doubt of the system’s integrity. Nor would I have the patience to pick through a manual removal process if the tools failed to remove it.
Rootkit Detector Tool List
InformationWeek posted an excellent article recently titled.
I was familiar with some of them, and had come across a few more on my own that didn’t make the author’s cut. But that got me observing the increase in the number of tools now at our disposal.
With some more careful searching, I’ve ended up collecting quite a list. Almost all are offered as freeware or trialware. I have only used a handful of these tools and only keep a few with me on my USB system administrator’s stick.
So far, I haven’t found a rootkit on my systems (here or at work) so I can’t speak of their effectiveness in removal. Also, because of the nature of how these tools work and where they look, it is quite possible that removal of a real rootkit or a listed file in error (that wasn’t actually malicious) can cause your Windows system to fail, not boot, or BSOD to the point you will be recovering files off the dead OS drive and then reinstalling your system. You’ve been warned! Restrictive wizard interface, but easy to use for the uninitiated. Developed in China but nicely translated into English. Busy interface but updated often. Has some advanced tools like the ability to “reboot and monitor” during the boot process.
Two tools in one; 1) scans for hidden files on drives, 2) scans for hidden processes and hooks. Takes a bit of work to run the scans, and can’t do a global system scan with both.
Runs scans in five system areas and exports a nice log file. You can then opt to remove the detected items. From the Sysinternal’s team. Easy to use, but does often turn up documented false-positives. Just identifies suspicious processes... you are on your own to delete them with other methods and applications.
Better for system checking and monitoring, rather than protection and removal in and of itself. Russian software team project. Does a self-test to make sure it hasn’t been compromised; that’s a good feature. Provides lots of details and the ability to do focused scans or a global element scan. Also provides multiple methods to address/remove the located processes and files. “McAfee Rootkit Detective Beta is a program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the system.” Nice interface.
“Sophos Anti-Rootkit provides an extra layer of detection, by safely and reliably detecting and removing any rootkit that might already have secreted itself onto your system.” Note: Registration required for download from the vendor’s site. The utility itself is free. The tool that’s got everyone in a fuss! Scans for hidden processes, services, files, registry keys, drivers, and hooks. Also allows some system function monitoring. Highly regarded by the antirootkit professionals. (while the site is up).
This command-line based scanner was one of the very first rootkit detectors I became familiar with. I don’t think it has been updated since its original release (back in 2004). The website is in Spanish, but the application worked just fine for me.
I can’t say it now can handle the newest rootkit methods of attacks, but just for posterity I’m offering it here. More follow as discovered on. They’ve done a bang-up job of finding and detailing all these. Please check out their site for more information as well as some screenshots, reviews and evaluation ratings. These guys (and gals?) are doing great work and deserve full credit for locating these wide selections of tools. Note: Some products here are beta products and may not be available or will work past a certain date.
Others are trialware/crippleware. In these cases I have chosen to still include them so you can keep an eye on possible future development or releases. Specialized and targeted rootkit removal tool list via Antirootkit.com.
Tool to remove the Sony/BMG DRM CD protection software. More of a process, injection, hooking scanner. But has other specialties as well. Current version was beta and has expired; developers promise a new one sometime. Beta product. Doesn’t seem to be offered anywhere but from Antirootkit.com.
Beta product disabled after 1-4-07. See for file. Chinese developed tool. Supports process, kernel mode, file, registry scan (disabled in test version) and hidden port detection.
Via Antirootkit.com. Alpha level program right now. Behavior-based, not signature based detection.
Interesting interface and approach. Worth looking at, but remember it is alpha/beta level. Developers offer videos as well of their tool in action. trialware - Shows hidden processes and drivers on a system and then allows for killing of the desired process. Tiny little application.
Displays import address table (IAT) hijacks and “detour style hooks.” Lots of information in the tiny display! Mac OS X 10.4 product.
I don’t support Apple systems, but there you are. By developer. (I didn’t think Macs got sick like this!). Linux rootkit scanner. beta software. Looks at hidden drivers, processes, modules, files, registry items, hooks. Of user options... scan, clean, and view results.
trialware - API comparison tool. Reports on any system hooks and modules and displays findings. Linux rootkit scanner. trialware - Command-line scanner. Unmasks located files and prevents from boot-execution. Then can be manually removed by user or using other security tools. trialware - GUI based version that incorporates RootKitShark (above) among other features.
Allows process and user monitoring of systems. (Intrusion Detection System). Detection enabled in trial version, but rootkit elimination feature only in the fully-licensed version. beta - Appears to be a hidden process and file scanner. See for overview. Bitdefender doesn’t have any information on their site for it. Multi-purpose system reporting tool that has an interesting interface.
Includes a rootkit scanner as part of its features. Website (translated from French) has quite a bit of good information on rootkits and as they apply to their program. (kinda hard to find in French). Get the English version unless you know French. Tool developed by Joanna Rutkowska to validate system integrity by checking important Windows System components targeted by hidden malware. She also provides links to some related PowerPoint presentations.
trialware - until license purchased and entered - In standard, “Roaming” and “Professional” editions. University of Minnesota’s Safe Computing page documents rootkit removal tutorial with Unhackme.
Linux rootkit scanner. Additional Resources. Anti Rootkit Software, News, Articles and Forums.
Blog page for Antirootkit.com. Website of security guru and brilliant mind Joanna Rutkowska. Presented “” concept. Lots of neat tools and detailed rootkit related information on her website. Rootkit discussion between Leo Laporte and Steve Gibson.
Good foundational information. Basic article from an ISC-SANS handler (with pictures!). Amazon.com. Amazon.com. Amazon.com. Very nice, well documented and illustrated post on how a rootkit shows up on various security scanners. See you in the skies
We have all, at least once, run into some kind of, or that wanted to breed on our machine and use its processing power and network potential to breathe life into its own being, all out of a need for virtual procreation. The vermin most often try to move in by e-mail (such attempts are easily foiled, because over time people learn to recognize legitimate attachments) or through a visit to certain web pages. Admittedly, there are many other techniques, from true trojan attacks ( carries a payload in the form of some program) to the deliberate installation of unwanted programs by the hand of a third party (the patient). Nasty as a virus, mean as a hemorrhoid! Since I use (the best shell for surfing, free) which uses the engine from, I am subject to all the vulnerabilities of that product. Aggressive web pages, pop-ups, annoying banners and those assorted ActiveX toolbars that try to install themselves I usually eliminate by defining a content filter in MyIE2.
This handy feature makes it possible to block the loading of any web page, or part of a web page (images, Flash, sound and the like), either by domain name or by part of a domain name (e.g. a wildcard .xxxtoolbar. is defined). That way I got rid of most of the annoying pop-up windows, a pile of unnecessary banners and, most importantly, once I see some ActiveX crap trying to install itself (that window pops up asking whether you want to allow the installation of such-and-such) I hover the mouse over the program name and the tooltip shows the name of the site, that is, the exact URL of that garbage. I memorize the whole URL or just the important part and add it to the content filter. The filtered crap never shows up again.
The vast majority of users get their Internet Explorer settings wrong and so allow this vermin to install itself without asking. For properly configuring Internet Explorer settings and surfing safely in MyIE2 (or Internet Explorer) I definitely recommend reading the following article: OK, prevention is sorted. With good preventive measures the chance of pests settling in is considerably reduced; however, new exploits and new holes in Windows or Internet Explorer make it possible to create new generations of vermin that exploit those flaws. When it is already too late and we suspect that the vermin have moved in, it is the vermin cleaners' turn.
I recommend these free programs: Some more software and quality articles can be found at: Important note! The fact that you have installed spyware cleaners, and that they have scanned and cleaned your machine, does not mean that you are now completely safe and can lean back smugly in your armchair and twirl your moustache. The only true satisfaction in security comes through daily self-denial and downloading updates to the list of newly created vermin. Both of the programs mentioned support automatic updates, so let that become a ritual on a par with morning prayer, checking mail, sex/masturbation, ) Safe surfing!