The Cimuz uninstaller

Checking a server that installs a variant of Trj/Cimuz, I came across a link that pointed to remover.exe file:  After analyzing the code of the…
View Post

How TruPrevent Works (I)

I recently came across an interesting document by Gartner's analyst Neil MacDonald, called Host-Based Intrusion Prevention Systems (HIPS) Update: Why Antivirus and Personal Firewall Technologies…
View Post

Malware-friendly countries

Recently there have been some studies regarding Internet hosting providers which are often used maliciously to distribute malware. As this is an interesting subject we've…
View Post

A new server hosting a Briz

VisualBreeze or VisualBriz is another malware that is usually sold in forums of malware developers, similar to the ones we mentioned in “Cybercime for sale”.…
View Post

W32/MsnPhoto.A.worm

We have found a new malware that uses instant messaging to deceive users. It arrives as an .exe file disguised as a .jpg. If you open it, you will…
View Post