HitManPro vs a Zero-Day Botnet
<blockquote data-quote="cruelsister" data-source="post: 663751" data-attributes="member: 7463"><p>Hi Guys! A number of things should be explained:</p><p></p><p>1). Zemana AM is excellent at detecting hollowed processes, even when used as a second opinion scanner (also really good against Worms, whereas both MB and HMP are most certainly not).</p><p>2). I did not state it (not that it was needed), but in the video WF was active. But as WF has no intrinsic Outbound protection the malware blew right past it. A simple solution would have been just to have some Outbound protection in place like WFC or Tinywall. A Botnet, Keylogger, or info stealer that is prevented from connecting out is really nothing more than a piece of junk waiting for the AV to catch up to it and delete it.</p><p></p><p>That being said, I used HMP and not HMP.A for a couple of reasons- the first reason is a common theme of mine- that running a 2nd opinion scanner, getting a clean result and thus assuming that the system is without infection may not be correct. The second reason is that the initial malware run was part of something larger that I coded in order to embarrass and disgrace some Governmental IT "Pros" that should know better at a Show and Tell last week (I am really mean). As it is not released in the Wild there is no way that I would allow it to be uploaded into any Cloud by anyone (my mama didn't make no stupid children). Also running it against traditional protection as it is an actual zero-day would be like beating a puppy.</p></blockquote><p></p>