OSArmor Is An Anti Exploit Free Software That Blocks Malicious Processes From Running

As you may know, OSArmor is a free anti-exploit tool that stays in the Windows tray and protects the computer against auto-executable scripts. The software is developed by NoVirus Thanks and is officially supported on Windows 7, Windows 8.1 and Windows 10.

Main features:

  • Block execution of pif, com and double file extensions.
  • Block USB spreading malware.
  • Prevent “important” system modifications via bcdedit.exe.
  • Block direct execution of scripts and exe files from archives.
  • Prevent regsvr32 from executing remote scripts and /i: parameter.
  • Block processes executed from wscript.exe, cscript.exe, mshta.exe and wmic.exe.
  • Block executionpolicy bypass and windowstyle hidden in PowerShell.
  • Block remote URL downloads from the command line.
  • Block direct execution of JavaScript and VBscript code.
  • Limit Windows Screensaver files to Windows folder.
  • Block execution of schtasks.exe.
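
Several of the rules listed above can be approximated as checks on process-creation events. The following is an added example, not OSArmor's code or rule set; the event fields (`image`, `parent_image`, `command_line`), the rule names and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe", "wmic.exe"}
RISKY_EXT = {".exe", ".pif", ".com", ".scr", ".js", ".vbs", ".bat", ".cmd"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
# powershell.exe accepts abbreviated parameter names (-ep, -exec, -w, -win).
PS_BYPASS = re.compile(r"[-/](?:ep|ex[a-z]*)\s+bypass\b")
PS_HIDDEN = re.compile(r"[-/]w[a-z]*\s+hidden\b")
REGSVR32_I = re.compile(r"\s/i:")
REMOTE_URL = re.compile(r"https?://")
WINDOWS_DIR = "c:\\windows\\"  # assumption: default Windows install path


def match_rules(event):
    """Return the names of the (hypothetical) rules an event trips."""
    image = event["image"].lower()
    name = ntpath.basename(image)
    parent = ntpath.basename(event.get("parent_image", "").lower())
    cmd = event.get("command_line", "").lower()
    stem, ext = ntpath.splitext(name)
    inner_ext = ntpath.splitext(stem)[1]  # ".pdf" for "invoice.pdf.exe"
    hits = []
    if ext in (".pif", ".com"):
        # Windows ships a few .com tools; a real rule needs an allow-list.
        hits.append("pif-com-extension")
    if ext in RISKY_EXT and inner_ext in DECOY_EXT:
        hits.append("double-extension")
    if parent in SCRIPT_HOSTS:
        hits.append("child-of-script-host")
    if name == "powershell.exe":
        if PS_BYPASS.search(cmd):
            hits.append("powershell-executionpolicy-bypass")
        if PS_HIDDEN.search(cmd):
            hits.append("powershell-windowstyle-hidden")
    if name == "regsvr32.exe":
        if REGSVR32_I.search(cmd):
            hits.append("regsvr32-i-parameter")
        if REMOTE_URL.search(cmd):
            hits.append("regsvr32-remote-url")
    if ext == ".scr" and not image.startswith(WINDOWS_DIR):
        hits.append("screensaver-outside-windows")
    return hits

# Constructed sample events for illustration; not real logs.
SAMPLE_EVENTS = [
    {"image": r"C:\Users\alice\Downloads\invoice.pdf.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'"C:\Users\alice\Downloads\invoice.pdf.exe"'},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\System32\wscript.exe",
     "command_line": r"powershell.exe -ep bypass -w hidden -file C:\Temp\a.ps1"},
    {"image": r"C:\Windows\System32\regsvr32.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": "regsvr32.exe /s /i:https://example.invalid/x placeholder.dll"},
    {"image": r"C:\Windows\System32\notepad.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r"notepad.exe C:\Users\alice\notes.txt"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ntpath.basename(ev["image"]), match_rules(ev) or "allowed")
```

Matching on the image name alone is easy to evade by renaming a binary, so a production rule would also check file metadata or signatures.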

After the application has been installed, the configuration parameters can be modified via File -> Open Configurator. If you ask me, the default settings are enough for regular users. For extra security, the software can block running apps from Local AppData, Roaming AppData, Common AppData, but I do not recommend this setting for regular users, due to the fact that it may break some programs.

Also, it can be configured to block apps created by Nir Sofer, VNC software and LogMeIn, software which is commonly used by IT support specialists.

The interface is simple and clean and displays the number of blocked processes, the last blocked process and the date and time when the process was blocked. If you need to perform troubleshooting, you can read the logs.

When this article was written, the latest version available was OSArmor 1.3. The software can be downloaded for free from here.

I have toyed a little with OSArmor and decided to keep it installed on the system.

Opera 50 NoCoin Feature Will Prevent Malicious Sites From Performing CPU Bitcoin Mining

Starting with Opera 50 stable, the Chromium-based internet browser will receive two awesome changes: an enhanced VPN service, which will use the Opera data centers instead of the SurfEasy LLC ones used at present, and a new function called NoCoin, designed to block websites from performing CPU mining while you browse the internet.

The revised VPN function:

With the new VPN function, the location options Canada, US, Germany, Netherlands and Singapore will be replaced with Europe, America and Asia. Despite this, the functionality will remain the same.

If you don’t know this yet, the VPN feature can be enabled by going to the Settings menu (ALT + P) -> Privacy and Security – Enable VPN.

NoCoin – the anti mining service:

The NoCoin feature prevents websites from performing malicious CPU mining while you browse the internet. For this to work, you also need to enable the built-in Opera adblocker; NoCoin is activated along with it (but can be disabled by the user, if needed).

Basically, the NoCoin feature is just a list of malicious websites that get blocked by the adblocker.

So, if you want to enable both the built-in adblocker and NoCoin, you need to go to the Settings Menu (ALT + P) -> Block Ads.

The anti-bitcoin functionality does not allow infected sites to mine virtual currency and use extra processing power while you browse the internet. The feature is very good and I think it will be quickly adopted by the other browsers. For the new feature to work (and to appear in the options), the built-in adblocker mechanism also needs to be enabled.

The NoCoin function will be included in the stable version of Opera 50, but it is already present in both Opera 50 Beta and Opera 51 Dev.

For more information, see this article from the official Opera Blog.

As usual, Opera is the browser that implements new features the fastest. The NoCoin feature should be adopted quickly by the other internet browsers as well.

How To Remove The Troubleshooter Malware That Generates Fake BSODs And Asks Users To Buy A Non Existent Windows Defender AV

According to Myce, the security researchers from Malwarebytes have discovered a malware called Troubleshooter, which generates fake Blue Screens of Death (BSODs) and asks the user to buy Windows Defender Essentials (a fake Windows Defender version) to clean the computer.

The malware displays a BSOD image, disables the key combinations that allow the user to close the window (e.g. ALT+F4) and asks for 25$ via PayPal to buy the fake version of Windows Defender.

A security researcher found out that if the user pays for the fake software, the website http://hitechnovation.com/thankyou.txt gets opened and the malware terminates itself. If you end up in this situation, just use the CTRL + O combination and navigate to the website yourself (without paying the ransom).

Apparently, this type of malware spreads with cracked software, so if you are a good samaritan and use only genuine software or open-source alternatives, you should be safe.

To remove this software completely, you need to reboot in safe mode, delete the Troubleshooter.exe file from %temp%, disable the csrvc service and scan your computer with Malwarebytes. More detailed instructions can be found on this Malwarebytes forum thread.

Get Shadow Defender for free

Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activities and unwanted changes.

Shadow Defender can run your system in a virtual environment called ‘Shadow Mode’. ‘Shadow Mode’ redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activities and/or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened.

With Shadow Defender, you have the flexibility to specify which files and folders are permanently saved to the real environment. This ensures important files and folders are kept after a reboot.

If you want to make a maintenance-free computer, Shadow Defender will be your best choice.

Shadow Defender users…

  • Maintain a system free from malicious activities and unwanted changes.
  • Test software and game installations in a safe environment.
  • Protect against unwanted changes by shared users (suitable for workplaces and educational institutions).

Shadow Defender Features

  • Prevent all viruses and malware.
  • Surf the internet safely and eliminate unwanted traces.
  • Protect your privacy.
  • Eliminate system downtime and maintenance costs.
  • Reboot to restore your system back to its original state.

The installer is very light, only 3,5 MB, and the application is self-explanatory to use. The offer is still available through SharewareOnSale. Get it now and save up to $35. In case you miss the offer, you can always check the producer's website and get a 30-day trial.

Disclaimer

You are allowed to use this product only within the laws of your country/region. Zeroviruses and its staff are not responsible for any illegal activity. We did not develop this product; if you have an issue with this product, contact the developer. This product is offered “as is” without express or implied or any other type of warranty. The description of this product on this page is a marketing description, written by the developer with few more notes written by the ZeroViruses team. The quality and performance of this product is without guarantee. Download or use at your own risk. If you don’t feel comfortable with this product, then don’t download it.

Get MalwareFox for free

MalwareFox is an advanced, yet simple-to-use anti-malware solution for Windows computers. It gets rid of adware, spyware, browser hijackers and other malware and keeps the PC safe from ransomware. It provides aggressive detection capabilities and an effective malware removal tool to keep your systems safe and secure.

Considering the advent of newer forms of cyber crime, anti-malware software has become a necessity these days. This is because traditional antivirus programs are incapable of catching every threat.

MalwareFox is a lightweight yet powerful anti-malware program. It has a clean and simple user interface. It is strong against adware, ransomware, and zero-day exploits. MalwareFox provides real-time protection against different malware attacks. You can turn to this application if you need a quick, efficient way to detect whether your system has been targeted by malicious attacks and whether or not they succeeded in infecting it.

Just as you launch the program you will notice that the main window displays a bunch of statistics, which include the status of your PC, when you performed the last scan and the real-time protection status. Running a scan can be simply done by pressing the “Scan” button.

All things considered, if you’re looking for a handy malware scanner that lets you quarantine detected items, you can opt for MalwareFox AntiMalware.

Installer size: 5 MB.

Other notes: the software is very similar to Zemana Antimalware. In case you already have Zemana installed you will notice an error when installing MalwareFox stating that you have a newer version of MalwareFox, and I’m guessing that this is the case since it seems to use the same engine and algorithm for scanning against malware.

The offer is available for the next 2 and a half days through SharewareOnSale. Take advantage now and save $24.95. In case you miss the offer, please go to the developer's website.

Get GcMail Safe for free

When it comes to security, you’re never 100% safe. Our recommendation for today is GcMail Safe, a simple, small but fine password manager that keeps all your passwords absolutely safe. Your data is not stored on an external server; you decide where to store your backups, which are also encrypted. You also have the option to save your master password to a USB stick and to start the program with your USB flash drive. The key on your USB stick is only usable in conjunction with the logged-in user of the computer with which this key was created.

GcMail safe can also protect individual files (all file formats) on your computer from , with a password.

  • Encrypting files: Encrypt individual files that you want to protect from other shooters. You can use your master password or a new password.
  • Drag & Drop: Use the drag & drop function to drag your user name and password into the input fields of the web pages.
  • Symbols: GcMail safe automatically downloads the favicons of the website, so you have a quicker overview. If you do not want the icons, you can disable this feature.
  • Group: Select whether you want your entries to be grouped or simply to be among each other.
  • Secure passwords: Create secure passwords to protect your data on the Internet
  • USB-Stick: Save your master password directly from the safe, onto your USB stick and start the program with it

The application is developed by a few German developers. Enjoy the many features the app has to offer. If you find the application useful, you might also like GcMail for e-mails. The password manager can be downloaded for free from SharewareOnSale, allowing you to save €14.95. In case you miss the offer, you can always check the developer's website.

Humble Bundle 2K Playstation offer

It seems that Humble Bundle comes back with a new offer, specially made for PlayStation fans – 2K Playstation. There is a variety of offers starting at $1 and reaching $20.

The first offer starts at $1 and you can get the following games: XCOM: Enemy Unknown Plus (PSVita), Civilization Revolution 2 Plus (PSVita), The Bureau: XCOM Declassified (PS3) and Evolve (PS4).

For the second offer at $6.28 (approximately 5.35€) or more you can get the following games: XCOM: Enemy Within (PS3), BioShock (PS3), Battleborn (PS4, for Battleborn Platinum VC you’ll have to pay an extra $9,99), Borderlands (PS3), Borderlands II Ultimate Edition (PS3), Mafia II (PS3) and Spec Ops: The Line (PS3). This offer seems to be specially made for PS3 players, except for the Battleborn Trial that is for PS4.

For the third offer starting at $20 or more (approximately 17.04€) you can get the XCOM 2 game for PlayStation 4.

All of the above games and offers can be purchased by following this link. You have 4 more days to get one or all of the offers. What I like the most about this offer is the fact that Humble Bundle has thought of all the PlayStation users, from PSVita to PS4 ones. So far, in my opinion, the second offer is the best money can buy, especially for users that could not afford a PS4 or PS4 Pro and are still sticking with the PS3 consoles.

Disclaimer

You are allowed to use this product only within the laws of your country/region. Zeroviruses, Humble Bundle and its staff are not responsible for any illegal activity. We did not develop this product; if you have an issue with this product, contact the developer. This product is offered “as is” without express or implied or any other type of warranty. The description of this product on this page is a marketing description, written by the developer with few more notes written by the ZeroViruses team. The quality and performance of this product is without guarantee. Download or use at your own risk. If you don’t feel comfortable with this product, then don’t download it.

After a few months, Locky ransomware reappeared

According to a Malwarebytes article, after it went dark for months, Locky ransomware returned with two new ‘flavors’. The new versions use new command and control servers. They also use two new affiliate IDs: AffillD3 and AffillD5.

The way the ransomware spreads has not changed much. It still uses phishing e-mails that carry malicious code in MS Office files or archived attachments.

Back in 2016, Locky ransomware was in the top 3 along with Cryptowall and Cerber. It came back in 2017, but a little more quietly. On August the 9th it reappeared using a new ransom note and the extension .diablo6 for encrypted files. After another week, a second version appeared using the .Lukitus extension for encrypted files.

Locky's code base is derived from the banking trojan Dridex, and it is associated with the Necurs malware as its distribution botnet. The Dridex trojan seems to be behind the theft of approximately 20 million pounds from UK bank accounts. It was then repurposed for ransomware instead of stealing authentication data from online banking platforms.

Stay alert when opening attachments that come from unknown sources; an antivirus or antimalware solution is also always welcome. “Better safe than sorry!” is a phrase we use.

PlayStation Plus prices are changing from 31st of August

PlayStation Plus prices are changing starting 31st of August.

If you have a PlayStation console, there’s something you should know in case you did not receive an e-mail recently. The PS Plus subscription prices will go up. The official e-mail reads:

We will alter the price of a PlayStation®Plus membership at 00:01 BST on 31 August 2017. As you are an existing member, this means that all recurring subscription fees payable by you on or after 31 August 2017 will be charged at the new price. Up until 31 August 2017, you may purchase a PlayStation®Plus subscription at the current price, which will then be added (or “stacked on”) to your current membership period.

At first I thought that it was just a marketing strategy so that the PS Plus subscriptions for 365 days would get higher numbers, but if that was the case, the e-mail would have said that the prices might be altered. That seems not to be the case, so the e-mail is for real and the prices will change.

The thing is that the prices are going up globally, so if you don’t have a PS Plus subscription, it might be prudent to grab a renewal or a subscription for 365 days, before 31st of August.

More information about the subject can be found here and for the UK users, here.

Fruitfly malware went undetected for years

A new Mac malware has gone undetected for years, allowing its operator to spy on its victims. The Fruitfly malware was patched in January 2017, but Patrick Wardle, a researcher at the security firm Synack, has discovered another version of the malware out in the open. Patrick was formerly an NSA hacker.

This new version could gain control of the victim’s computer, take screenshots of their screen, take webcam photos and more. So far it has been known that Fruitfly has infected nearly 400 victims, but the number can be bigger. Most of the victims are in the United States.

Wardle told ZDNet that “it’s not the most sophisticated Mac malware“. He continued in another article from ArsTechnica, stating “I don’t know if it’s just some bored person or someone with perverse goals […] If some bored teenager is spying on me, that would still be very emotionally traumatic. If it’s turning on the webcam, that’s for perverse reasons“.

After the discovery, Wardle reported everything to law enforcement officials. Also, all domains known to be associated with the malware are no longer available. That should essentially neutralize the threat.

As you might all guess, the Apple representatives did not respond to an e-mail seeking comment for this article.

The interesting thing is that even though the malware is not that sophisticated, it managed to stay under the radar for so long. Compared with the new Mac malware that has appeared recently, Fruitfly was easily detectable. Even so, no one managed to find it until recently.

According to a McAfee study, infections of Mac operating systems are increasing, and we expect the numbers to grow by the end of the year.

Credits for photo, Patrick Wardle.