KernelMode.info

A forum for reverse engineering, OS internals and malware analysis
https://www.kernelmode.info/forum/

Rogue Antimalware (FakeAV, 2011 year)

https://www.kernelmode.info/forum/viewtopic.php?f=16&t=2233

Page 19 of 34

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Mon Jun 27, 2011 6:06 pm
by Xylitol
Unpacked Personnal Shield Pro
This sample is used in test apparently on the BestAV affil (yeah, i've again access to the shit)
I guess usual kernelmode lurkers will give the sample to mbam :mrgreen:

Image

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Tue Jun 28, 2011 2:37 am
by EP_X0FF
In addition to new Xylitol blog post http://xylibox.blogspot.com/2011/06/tra ... evera.html there is dedicated resource about Security Shield crap administrated by Severa himself (he is ex script-kiddie carder and spammer, claims to be in business since 1999) Peter Severa which occupation (surprise) is "security".

hxxp://vulnes.com/showthread.php?t=1452

Welcome partners!
Image

All payments done until 22 june.
Image

We have good convert - 400-800$ from 1k loads
Image

Satisfied partner, small 20Kb loader, good payments.
Image

Windows Inviolability System

PostPosted:Wed Jun 29, 2011 11:33 am
by bitx
Windows Inviolability System

Image

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Wed Jun 29, 2011 11:46 am
by kmd
hxxp://vulnes.com/showthread.php?t=1452&page=3
В связи с текущими событиями временно и планово прекращаю работу по АВ, последние текущие выплаты уйдут на днях, о возобновлении работы сообщу в своих топиках, один из которых вы сейчас читаете, благодарю за понимание.
is he already pissed in his pants? :D

Windows Proofness Guarantor

PostPosted:Thu Jun 30, 2011 12:25 pm
by bitx
Windows Proofness Guarantor

Image

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Thu Jun 30, 2011 12:30 pm
by bitx
kmd wrote:hxxp://vulnes.com/showthread.php?t=1452&page=3
В связи с текущими событиями временно и планово прекращаю работу по АВ, последние текущие выплаты уйдут на днях, о возобновлении работы сообщу в своих топиках, один из которых вы сейчас читаете, благодарю за понимание.
is he already pissed in his pants? :D
Probably not :) summer + a lot of money = brilliant holidays

Fast Antivirus 2011

PostPosted:Thu Jun 30, 2011 4:52 pm
by rough_spear
Fast Antivirus 2011

FILE NAME - FastAntivirus2011.zip
password - malware

Regards,


rough_spear.

Spyware Quake

PostPosted:Sat Jul 02, 2011 8:25 am
by Maxstar
Spyware Quake

http://www.virustotal.com/file-scan/rep ... 1304739923
MD5 : 7e56ea2ba66f0ba2db6591c428923872
Result: 36 /42 (85.7%)

Windows Microsoft Guardian

PostPosted:Sat Jul 02, 2011 8:34 am
by Maxstar
Windows Microsoft Guardian

Image
http://www.imgdumper.nl/uploads4/4e0ed7 ... c2-WMG.png

http://www.virustotal.com/file-scan/rep ... 1309206910
MD5 : 5ce600445bb09eedf432a78441090671
Result: 4 /42 (9.5%)

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sat Jul 02, 2011 4:50 pm
by kmd
tango down :))
scriptkiddie vulnes.com down
Peter Severa or his real life name Peter Levashov is well known spammer in the past (world spam king rank #6 in 2008), malware/spam programs developer, who escaped arrest (Alan Ralsky case) and now rules fake av bussiness.
http://www.spamhaus.org/rokso/evidence. ... id=ROK4035

latest FBI actions likely making his holidays not so brilliant as he planned
All times are UTC
Page 19 of 34
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/