What about virus scanner ?

>> Thursday, November 26, 2009


We recently updated the service Malware & Virus Scan with some other useful tools such as the detection of malicious PDF code used for exploiting well known vulnerabilities and the detection of malicious code in HTML/PHP pages. We have added also a new option to scan a remote file with our scanner. Following there is the changelog:
[*] Optimized the stability
[*] Improved Binder Detector;
[+] Added PDF Exploit Scan;
[+] Added HTML Exploit Scan;
[+] Added Scan Web Address;                                       { Read Full story }

Malware Scanner
What’s new in the Binder Detector ?
We have optimizied and improved the detection of possible malware that can have been joined/binded with legit applications.
What is the PDF Exploit Scan ?
It is a new tool able to detect if a PDF document is infected with generic malicious code that can exploit the various vulnerabilities that were discovered in Adobe Reader old versions. The results are located in the ‘Extra Information’ part of the scanner report.
What is the HTML Exploit Scan ?
It is a new tool able to detect generic malicious code that can be used to infect webpages and other malicious exploits codes used in drive-by-downloads kits. The results are located in the ‘Extra Information’ part of the scanner report.
What is the Scan Web Address ?
It is a new option that allow our users to scan a file before they download it in their own computer. You can scan, for example, the file located in www.site.com/file.exe before download it in your computer. It can also be used to scan a single web page .html/.php/.js with all the Antivirus engines. Scan Web Address can handle also changes in the filename.
What does mean that can handle changes in the filename ?
If you try to scan a malicious url that contain a drive-by-download kit (tipically used to infect visitors by detecting the web-browser using the useragent and then redirecting the user to the related browser’s exploit) such as xxx.xxx/1/pdf.php the Scan Web Address will show the final filename of the file that is being scanned, and in our case was You_are_in_danger.pdf, that contain a PDF exploit.



blog comments powered by Disqus

Post a Comment

Related Posts with Thumbnails

  © Blogger template Webnolia by Ourblogtemplates.com 2009

Back to TOP