'virus'에 해당되는 글 2건

  1. 2011.10.25 Comodo Cleaning Essentials (CCE) (1)
  2. 2009.11.06 GENO Virus에 의한 SCRIPT 삽입 공격 흐름
2011. 10. 25. 10:20

Comodo Cleaning Essentials (CCE)

Comodo Cleaning Essentials (CCE) is a set of computer security tools designed to help users identify and remove malware and unsafe processes from infected computers.

Comodo Cleaning Essentials (CCE) is a set of powerful security tools designed to help users identify and remove malware and unsafe processes from Windows computers. Designed as a portable application, the software requires no installation and can be run directly from removable media such as a USB key.

CCE consists of two core technologies:

  • KillSwitch - an advanced system monitoring tool that allows users to identify, monitor and stop potentially unsafe processes that are running on endpoint systems. Uniquely for a product of its type, KillSwitch leverages Comodo's huge whitelist database to isolate untrusted processes with an extremely high degree of accuracy – improving IT operational efficiency by reducing false positives and cutting the amount of time spent troubleshooting an endpoint machine.
  • Malware scanner – fully featured malware scanner capable of unearthing and removing viruses, rootkits, hidden files and malicious registry keys hidden deep within a system. The scanner is highly configurable, uses the latest heuristic techniques to detect previously unknown viruses, features first-class malware removal capabilities and is capable of detecting hidden drivers and services loaded during system start-up.

CCE is another indispensable security tool from Comodo that offers unique functionality to users of any experience levels.

All users will benefit from the ability to quickly scan and remove viruses with a VB100 rated scanning engine. Advanced users such as system admins will enjoy the high levels of visibility and control that KillSwitch provides over processes and services.

CCE Features
  • Classifies the threat level of all objects and processes currently loaded into memory and highlights those that are not trusted
  • Allows the admin to terminate, delete or suspend every untrusted item with a single click.
  • On-demand malware scanner quickly finds viruses, rootkits and hidden services
  • Extremely efficient malware removal routines thoroughly disinfect virus stricken endpoints
  • Detailed statistics and graphs allow admins to analyze and fine tune system activity to almost infinite levels of detail
  • Leverages Comodo's huge whitelist database to accurately identify the trust status of every running process with minimal false positives
  • Integration with Comodo cloud scanning technology delivers instant behavioral analysis of unknown processes
  • Powerful system tools provide control over even the most obscure system settings
  • Simple interface for admins to manage trusted vendors list
  • Comprehensive event logs provide detailed overview of system activity on endpoint machines
  • Quick repair feature allows fast restoration of important Windows settings
  • Can replace the standard Windows Task Manager if required
  • Another indispensable addition to admin's security toolkit to complement software such as Comodo Internet Security
  • Lightweight – requires no installation and can be run right from a USB stick
  • Fast, free and easy to use

FreeDownload : http://enterprise.comodo.com/security-solutions/endpoint-security/cleaning-essentials/download-form.php?key5subkey1=564e8abe8709a69fdc2dc19b42a527b18755933e&key5subkey2=&key5subkey3=1319537671000&key5subkey4=&key5subkey5=1319537823000&key6subkey1=&key6subkey2=CH130782220&key6subkey3=5&key6subkey4=ko-kr&key6subkey5=KR&key6subkey6=0&key6subkey7=http://www.comodo.com/business-security/network-protection/cleaning_essentials.php&key6subkey8=103183&key6subkey9=16001200&key6subkey10=true&key7subkey1=111

출처 : comodo.com

Trackback 0 Comment 1
  1. 우울이 2011.10.25 13:22 address edit & del reply

    COMODO Cleaning Essentials (CCE) 2.0.212902.151 BETA Released!

    Download Locations:

    32 bit:

    64 bit:

2009. 11. 6. 16:30

GENO Virus에 의한 SCRIPT 삽입 공격 흐름

Hacker à 취약 Web 서버  [APP Hacking 이용한 Adobe사의 Acrobat이나 Flash Exploit삽입]

Hacker à GENO Virus 유포 Web 서버 [APP Hacking을 이용하여 GENO Virus 실행 파일삽입]

Web 서버 관리자 à 취약 Web 서버 [메일이나 게시판등의 redirection에 의해 취약 Web 서버로 접근]

③④ 취약 Web 서버 à GENO Virus 유포 Web 서버 à Web 서버 관리자

[“Web 서버 관리자의 인지 없이  Exploit 코드에 의해 “GENO Virus 유포 Web 서버에서 GENO Virus 다운로드 및 실행

⑤ Web 서버 관리자 [실행된 GENO Virus에 의해 관리자가 웹사이트의 파일을 관리하는 FTP 프로그램을 가지고 있을 경우 ID/PW유출]

⑥ Web 서버 관리자 à Web 서버

[GENO Virus가 가지고 있는 유출된 ID/PW를 이용하여 Web서버 접근 후 Index , Main이름을 가진 PHP, HTML 파일에 SCRIPTIFRAME삽입]

“Web 서버취약 Web 서버화 되면서 2차 피해 발생

GENO Virus 침해 대응
 Web 서버 관점 - 악성 Script Iframe 삭제
 Web 서버 관리자 관점 - GENO Virus 치료
                                   관리가 PC의 각 Application 최신 Patch 및 백신 패턴 업데이트
                                   Secure FTP 사용
                                   FTP ID/PW 변경

출처 : http://blog.naver.com/kumao111

Trackback 0 Comment 0