TG Soft Software House - Vir.IT eXplorer: AntiVirus, AntiSpyware and AntiMalware
Detects viruses and malwareIdentifies polymorphic viruses thanks to DEEP SCANMacro Virus AnalyzerINTRUSION DETECTION TechnologyVirus/malware removal toolsInstallation on Active Directory16/32/64 bit Real-Time ProtectionVir.IT Scan MailVir.IT Console Client/ServerVir.IT WebFilter ProtectionAutomatic Live-UpdateVir.IT Personal FirewallItalian Tech SupportAntiMalware Reserch Center


Submit suspicious file
fb rss linkedin twitter

ICSA Lab

Vir.IT eXplorer PRO pass the test VB100 2017-04

AMTSO

OpsWat

EICAR Membro SERIT - SEcurity Research in ITaly

C.R.A.M. goals (Anti-Malware Research Center):

Anti-Malware Research Center

The objectives of the C.R.A.M.:

  • PROMOTE and SPREAD in our country the culture and awareness of IT security in all its aspects.
  • SUGGEST and PROPOSE conscious attitudes about Information Security and, in particular, which behavior user and IT consultants should take care about in order to deal with new virus/malware infections.
  • PROVIDE support about IT security to private and industry customers.
  • FOCUS on behavior methodology to deal with the C.R.A.M. team to send virus/malware or suspicious files not detected or removed by your Antivirus software. Take a look at [I have problem with virus/malware what should I do?] to see how to deal with infections.
  • PROMOTE, CREATE e FOSTER initiatives for training and awareness on different Information Security issues, in particular through the organization on seminars and publication of news, documents about IT security.
    TG Soft has realized a dedicated space, malwarelist.org, where news and findings, coming from malware analysis activity conducted by the TG Soft, are published.
  • REALIZE intercepting tests on virus/malware really affecting nowadays networks/computers.
  • TAKE initiatives towards firms and competent authorities, with the aim of coordinating the evolution of techniques and rules, both national and internationally, of Information Security.
  • BECOME a point of reference for the legislature.


I AM EXPERIENCING A PROBLEM WITH VIRUS/MALWARE WHAT CAN I DO?

When you get in touch with virus, spyware, trojan, backdoor, adware, dialer, BHO, hijacker, fraudtools, rootkit and generally speaking malwares, you are presumably in front of one of the following situations:

Click on the elements that more is close to your situation, in order to understand what to do to get rid of the infection thanks to the TG Soft's C.R.A.M. team.

  1. The virus/malware is detected uniquely but it is not removed:

    If you are facing an infection that is detected uniquely by Vir.IT eXplorer there should be no problem. If Vir.IT eXplorer is used correctly the infection can be removed with no problem. If not, it is suggested to contact the C.R.A.M. team in order to get support. By using assistenza@viritpro.com you can get in touch with the team (Available only for costumers of the PRO version of Vir.IT eXplorer PRO);


    ^^ Go up to the choice selection ^^
  2. The virus/malware is detected as a possible variant of {virus_name}:

    If you are experiencing an infection from a virus/malware detected by Vir.IT eXplorer as a possible variant of {virus_name}, Vir.IT won't remove the problem correctly. In this case it is necessary send the file to the C.R.A.M. team. From Vir.IT Lite Monitor and from Vir.IT Security Monitor, as can be seen from the images below, it is possible to proceed with the selection and the sending of the files detected as possible variant. Sending files to the C.R.A.M. team has no extra charges, priority will be given to the user of the PRO version of TG Soft.


    Send suspicious files from Vir.IT eXplorer Lite with Vir.IT Lite Monitor Send suspicious files from Vir.IT eXplorer PRO with Vir.IT Security Monitor


    Send a suspicion file - Vir.IT Lite Monitor Send a suspicion file - Vir.IT Security Monitor


    In both cases a standard window of Microsoft Windows will pop-up and let the user choose the file detected by Vir.IT as a {virus_variant}, the image above shows the window displayed after clicking on the Send a suspicion file (PRO/Lite version).

    Send a suspicion file - Vir.IT Monitor


    ^^ Go up to the choice selection ^^
  3. A suspicious program has put itself in Auto Run mode and was detected by the Intrusion Detection system:

    When the Intrusion Detection system technology detects and shows a program that has put itself in auto execution mode it is probably (99%) a virus/malware of new generation not yet detected by Vir.IT eXplorer PRO. In this case it is necessary send the suspicious file to the C.R.A.M. team for a first analysis in order to generate a specific signatures and algorithms to detect and remove properly the infection.

    As shown by the image below it is possible to send the file as soon it is detected by the resident shield (Vir.IT Lite Monitor or Vir.IT Security Monitor).

    Sending a suspicious file to the C.R.A.M. is free of charge, priority will be given to the user of the PRO version of Vir.IT eXplorer suite.


    Send a suspicion file - Vir.IT Intrusion Detection

    EVEN IF FOR SOMEONE CAN LOOKS LIKE UNNECESSARY, WE SUGGEST TO PRESS THE SEND BUTTON.

    ^^ Go up to the choice selection ^^
  4. Suspect of infection from a new generation and/or unknown virus/malware:

    If you have the suspect that your computer is infected (computer slowdown, strange behaviour, advertising popping-up everywhere when surfing or simply when using the computer,[other]) it is a symptom of a new potential infection maybe not yet discovered or detected by the current version of the AntiVirus. In this situation it is suggested to send the List of the files in execution directly to the C.R.A.M..

    Directly from Vir.IT Lite Monitor or Vir.IT Security Monitor it is possible, with few clicks, send the list of files in execution.


    Send List of file in execution from the free version Vir.IT eXplorer Lite through the Vir.IT Lite Monitor Send List of file in execution from the pro version Vir.IT eXplorer PRO through the Vir.IT Security Monitor


    Send file in Auto Execution - Vir.IT Lite Monitor Send file in Auto Execution - Vir.IT Security Monitor


    From the window that appears you can simply click on the [Send Mail] button, as shown in the image below:

    Programmi in Esecuzione Automatica - Vir.IT Monitor


    ^^ Go up to the choice selection ^^



USE ANTIVIRUS SOFTWARE WITH AWARENESS

Many user and many security consultants think that AntiVirus can stop all types of virus/malware affecting nowadays networks. This belief, as can be simple understood, is not true. Indeed, if it would be true, AntiVirus software would not have the necessity to be constantly updated. An AntiVirus software receives new signatures across with new engines only when a new type of infection is discovered in the wild, ie after a user is hit by the infection and one of the may end user that are experiencing the same issue is quick enough to send the sample to its research center of reference.

The research center will proceed with the extraction of an identification signature and implement, when possible, algorithms for its removal.

There is no need to wonder if AntiVirus software can't identify a virus/malware. No anti-virus software is exempt from this reality. It is in this situation that some products can make differences taking care about the end user and offering a high level of support that other company doesn't consider.

TG Soft S.a.s, Software House specialized in Information Security since 1993, develops AntiVirus and AntiMalware software solutions, has always had the intellectual honesty to present this problematic and focus not only on already known infections, but also and especially on new generation of virus/malware and/or not yet detected by the current version of their software.

TG Soft with the goal of support end users with its security software solutions, makes available the Vir.IT Intrusion Detection technology that allows a constant protection of the system. In the case the computer is hit by a new generation virus/malware, Vir.IT displays an information window in the center of the monitor warning the end user about a new strange activity detected on the computer. With a simple “click” the user can decide to send the detected file to the C.R.A.M. for a first analysis. In the case the file is discovered to be a new type of virus/malware, new signatures and algorithms are created to sanitize the infection and clean the computer.



SEND THE 'ANOMALY' TO GET A SOLUTION

As already stated some users and IT consultant are thinking (wrongly) that AntiVirus can detect all virus/malware already discovered and not yet discovered.

When your AntiVirus software doesn't detect a virus/malware, generally in the mind of the end user and sometime in the retailer of the software solution as well, is popping up the idea that the purchased software isn't infallibility. The problem can't be found in the fallibility of the product, instead, in the wrong idea, that the software is INFALLIBILY.

Unfortunately no AntiVirus software is foolproof and as already stated, the only way a company can be sure that its AntiVirus is detecting and removing infections is making analyse the infection to its team. This is obviously possible only if an infected user is quick enough in sending a sample of the infection to his research center of reference.

It is in this situation that it is possible to see the quality of the delivered service. If the AntiVirus software has no tools for sending suspicious files or program set in Auto Run mode it does mean that the AntiVirus software has no care about end users problematic.

From long time TG Soft makes available the possibility to send suspicious and/or infected file to its laboratory. The steps to follow in order to send a file can be done in few clicks.

We want to emphasize one more time that in order to get a solution it is fundamental send the problem. Prevent sending suspicious file does mean that in further version of the AntiVirus software it is possible that your specific infections will not be detected and remove.


We suggest to follow the steps below:

  1. Send suspicious and/or infected files to TG Soft, through the Vir.IT Intrusion Detection technology;
  2. Aside from sending suspicious and/or infected files, it can be useful send the list of Auto Run programs; from its analysis TG Soft researcher can understand if there are malicious files;
  3. After this two actions are made, the user has to wait the C.R.A.M. analysis, in the meantime the user is free to try to discover new solutions to fix as fast as possible his/her problem but we suggest to avoid this approach. If something get wrong, the end user can make more damage than the infection;
  4. After the solution developed by the C.R.A.M. team is made available to the end user, stick to the instructions written in the email to get rid of the infection/problem detected on the computer.



VADEMECUM – HOW TO AVOID VIRUS/MALWARE OF NEW GENERATION

  1. Take up to date your computer with all security patches proper of the Operating System (with Microsoft Windows Update), and take always an eye on the IE browser security updates. Going to http://www.update.microsoft.com/;

  2. Take up to date your AntiVirus software and make cross check with different IT software solutions. For this purpose we suggest to try Vir.IT eXplorer Lite, that is developed with the idea to be interoperable with any other AntiVirus solutions already installed on the computer: download Vir.IT eXplorer Lite;

  3. Avoid to open attached elements coming from unknown people or strange messages coming from known person, for example your director sends you a file or a link with explicit pornography images or videos;

  4. Avoid to get played from social engineering technique, by tricky messages that informs you about a winning price, goods or services, because in most of the cases you will be asked to click on a link.

    The link can refer to a virus/malware or to “form” that needs to be compiled. If the user is using his/her true personal information the 'bad guy' will store your date and sell them to others or just force you to download a new generations virus/malware on your computer;

  5. Avoid the use of peer-to-peer software. Peer-to-peer solutions like eMule, KaZaA, DC++, and many others, are used by virus-writer to distribute their new creations that are masked as genuine files. In most cases these files are inside the top ten files more downloaded from users.;

  6. Prevent to visit non institutional website. (example. Pornography, cracks, illegal sharing website, etc).

    Some of these website tracks users activity in order to send advertising Pop-Ups while the user is surfing on the web;

  7. Prevent to fall in the fraudtool tricks. These are scareware software, like fake AntiVirus that thanks to an attractive interface convince the end user that the computer is infected, at the same time they try to play the user to buy the full protection of the rouge AntiVirus in order to get rid of all the detected (false) infections. Of course if the user wants to buy the fake AV (in most cases) the proposed solution is through a credit card;





TG Soft S.a.s. - via Pitagora 11/B, 35030 Rubàno (PD), ITALY - C.F. e P.IVA 03296130283