
Just one day

Small notes on computer-related topics.

BitDefender Antivirus behaves in an interesting way when it encounters a file packed with NSAnti: it doesn't even look at what is inside the packer, it just says “Host, virus - NSANTI packer”. I rarely get clean files, so I cannot say that this packer only packs infections.

Frankly destructive infections occur infrequently. Even Antidurov, which went around VKontakte, not only erased files from the computer but also caused a negative reaction toward VKontakte. And today, first a colleague caught a trojan that rewrote the MBR, then I did. In my case, there was also a message like “Forget about dvach, cattle. Now fix the comp”, or something like that. Moreover, what was written to the MBR was not garbage but quite meaningful code (at least at the beginning).

About stupidity. I understand that you can get hit by an exploit: landing on the wrong page is enough. Not everyone is able to disable autorun for flash drives (and disks in general). But THIS ... This is similar to the same Antidurov, where the file had to be downloaded and run. So a ticket comes in with comments like this: “A month ago, a friend on ICQ sent a URL link. I went to it. And recently my ICQ was taken away, I changed the passwords - they still take it away, save me, help.” The site is a site like any other, no exploits immediately visible. A caption about "Chef kills a subordinate" and a link to an archive. That is, you have to not just go to the site, but download the archive, unpack it and run it. I downloaded it; we detect it. I decided to run it in a virtual machine. It dropped another file out of itself; after unpacking, it seems to be good old LdPinch.1941. Added. Let this fool pray that over the month they have not put another trojan in there.

Source: https://habr.com/ru/post/26907/

