Dr Web Official Site


Does your anti-virus consider a file to be 'clean', but you have your doubts? To scan a file, use the Dr.Web vxCube online service—a cloud-based intelligent interactive analyser for suspicious objects that has been specially designed for information security professionals and cybercriminalists.

Trojan detected in APKPure Android app store client software

April 9, 2021

Doctor Web specialists have discovered a malicious functionality in APKPure—the official client application of the popular third-party Android app store. The trojan built into it downloads and installs various apps, including other malware, without users' permission.

APKPure is one of the oldest and most popular third-party games and software catalogs for the Android OS. Some Android device owners use it as an alternative to Google Play—the official Android app store. Analysis carried out by our specialists revealed that the trojan had emerged in the APKPure client version 3.17.18, which was current at the time of this news release and distributed through the official website of the APKPure platform. The app has a valid developer's signature. This could indicate the trojan was intentionally embedded by unidentified insiders, or that a hack took place and the attackers gained access to the app store developers' internal resources. The German telecommunications equipment manufacturer Gigaset also faced a similar case, which further serves as evidence of a hack. According to the company, the attackers gained access to one of its updating servers. Soon after that, several Gigaset Android smartphone models began downloading and installing trojan applications linked to the malicious code built into the APKPure app.

Doctor Web received the first data on the malicious version of the APKPure client on March 25th. Since then, the trojan's code has changed slightly, but its main functionality remains untouched. The current version of the malware is detected by Dr.Web anti-virus as Android.Triada.4912.

This trojan belongs to the dangerous Android.Triada malware family capable of downloading, installing and uninstalling software without users' permission. In this case, the trojan is responsible for the first stage of the infection. There is another trojan of the very same family—Android.Triada.566.origin—hidden in its code in encrypted form. This trojan performs the main malicious actions. Once it is decrypted and executed, this component begins to load various websites in the default browser. For example, these can be sites with ads, as well as phishing resources. It also downloads and executes other malicious modules and various apps. So it can be said that the cybercriminals behind these trojans make money on pay-per-install schemes and ads.

Doctor Web has informed the owners of the APKPure platform about the discovered threat. Android device owners who have installed the APKPure app are advised to temporarily uninstall it to get rid of the infection. Users are also advised to use any other third-party Android app catalogs with caution.

Dr.Web anti-virus products for Android successfully detect and delete these and other modifications of the Android.Triada trojans, so they pose no threat to our users.

The analysis of the trojans continues.


Last updated on 5/31/2019

About

New Features

Installation

Additional Information

Dr.Web for Microsoft Exchange Server is an anti-virus plug-in designed on the basis of the latest and most advanced antivirus technologies of Doctor Web to protect corporate mail systems against viruses and spam. It flexibly integrates into the system of Microsoft Exchange Server, processes all messages and attachments dispatched to the server and neutralizes all types of viruses and malware. The plug-in checks the mail traffic for viruses, dialers, adware, hacktools, jokes and riskware.

Dr.Web for Microsoft Exchange Server performs the following functions:

Scans all incoming and outgoing messages in real time

Filters and blocks spam according to custom black and white lists of addresses

Isolates infected and suspicious objects in the quarantine

Sorts email messages

Allows configuring groups of users and using specific settings for each group

Sends notifications on detected viruses

Registers incidents in Windows Event log and in the internal event database

Collects statistics

Allows setting identical configuration for several mail servers, including clustered servers

Automatically updates virus databases and components

For Microsoft Exchange Server 2007/2010/2013/2016, Dr.Web for Microsoft Exchange Server integrates its own transport agents into the server transport system, thus, providing Dr.Web anti-virus engine with access to the e-mails and their attachments. For the versions of Microsoft Exchange Server preceding Microsoft Exchange Server 2013, the VSAPI (the Virus Scanning Application Programming Interface developed by Microsoft for Exchange Servers) is also supported.

Dr.Web for Microsoft Exchange Server uses virus databases, which are constantly supplemented with new records to assure up-to-date protection. Also, a heuristic analyzer is used for additional protection against unknown viruses.

New Features

A new setting for the Anti-spam module was added. In the Mark as spam section you can select additional objects that will be marked as spam:

Email campaigns and advertising email.

Suspected spear-phishing attacks.

Social networks' messages.

Transactional emails.

Installation

To install Dr.Web for Microsoft Exchange Server 12.0, your computer must meet the following minimum requirements:

Specification – Requirement

RAM – 512 MB or more

Disk space – 1 GB or more


64-bit platforms

For Microsoft Exchange Server 2007/2010:

Microsoft® Windows Server® 2008 x64;

Microsoft® Windows Server® 2008 R2;

For Microsoft Exchange Server 2013:

Microsoft® Windows Server® 2008 R2;

Microsoft® Windows Server® 2012;

Microsoft® Windows Server® 2012 R2:

SP1 or higher is required for Exchange Server 2013;

For Microsoft Exchange Server 2016:

Microsoft® Windows Server® 2012;

Microsoft® Windows Server® 2012 R2;

Microsoft® Windows Server® 2016:

Cumulative Update 3 (or higher version) for Exchange Server 2016 is required.

Microsoft Exchange Server

Microsoft® Exchange Server 2007 x64 with SP1;

Microsoft® Exchange Server 2010 x64;

Microsoft® Exchange Server 2013;

Microsoft® Exchange Server 2013 with SP1 (Cumulative Update 5 or running Exchange2013-KB2938053-Fixit script is required);

Microsoft® Exchange Server 2016.

Compatibility

Before installation of Dr.Web for Microsoft Exchange Server, please review the following information on product compatibility:

1. Dr.Web for Microsoft Exchange Server of version 12.0 is compatible only with Dr.Web products of major version 12.0, including Anti-virus for Windows Server 12.0.

2. Dr.Web for Microsoft Exchange Server is not compatible with other anti-virus software. Installing two anti-virus programs on one computer may lead to a system crash and loss of important data. If you already have another anti-virus program installed, it is necessary to uninstall it using the installation file or standard tools of the OS.

3. Dr.Web for Microsoft Exchange Server of version 12.0 is not compatible with Dr.Web for Microsoft ISA Server/Forefront TMG.

Installation of Dr.Web for Microsoft Exchange Server 12.0

Before installation

Install all critical updates released by Microsoft for the OS version used on your computer (available at http://windowsupdate.microsoft.com).

Check the file system with system utilities and remove the detected defects.


Close all active applications.

If you are using Microsoft Exchange Server 2013 with SP1, but without Cumulative Update 5, run the Exchange2013-KB2938053-Fixit script available on the Microsoft official website at http://support.microsoft.com/kb/2938053 before installation to prevent errors of registering the transport agents during the installation.

To install Dr.Web for Microsoft Exchange Server

1. Run the installation file drweb-[version]-av-exchange-windows-x64.exe. The InstallShield Wizard will open on the first window of the installation process.

2. To continue installation, you should read and accept the terms of the License Agreement by selecting I accept the terms in the License Agreement.

Click Next.

3. Stop the Microsoft Exchange Transport service (only if you are using Microsoft Exchange Server 2007/2010/2013/2016).

To do so, click Open the list of services link, right-click the service in the list and then click Stop. Once the service is stopped, click Next.

Stopping Microsoft Exchange Transport service manually is required to preserve the installation integrity on the server operating under load.

In some cases Microsoft Exchange Transport service may take considerable time to stop.

4. Select the licensing type. You can register your license later, specify the path to the valid license key file or use the key file from the central protection server if Dr.Web Agent is installed on your computer.

Click Next.

For correct plug-in operation, specify the path to the drweb32.key license key file.

To register license after installation or to renew it, copy the valid license key file to the program installation folder, then restart Dr.Web for MSP Scanning Service.


5. Before starting the installation procedure, click Installation parameters to configure the following parameters:

Install transport agents – allows you to install transport agents (enabled by default). If you are using Microsoft Exchange Server 2007/2010/2013/2016, enabling this option registers the DRWTransportAgent.dll library and its transport agents (anti-virus and anti-spam) by Microsoft Exchange Transport service. If you are using Microsoft Exchange Server of previous versions, enabling this option registers the DrWebSink.dll library and enables the anti-spam agent in Microsoft Internet Information Services (IIS).

Install VSAPI – allows you to install the DrWebVSAPI.dll component for scanning via VSAPI (not supported in Microsoft Exchange Server 2013) provided by Microsoft Exchange Information Store service. If this option is enabled, you can also configure additional parameters: enable scanning of the outgoing messages, proactive and background scanning.

You can also enable the transport agents installation and registration monitoring by selecting the Enable transport agents monitoring option. During the installation on Microsoft Exchange Server 2007/2010/2013/2016, transport agents are registered in SMTP transport system by Exchange PowerShell, which does not close automatically, so you will need to enter the exit command manually to complete installation.

Click OK.

To avoid transport agents registration errors during the installation, please make sure that the RemoteExchange.ps1 script is installed on Microsoft Exchange Server (the script is located by default in the C:\Program Files\Microsoft\Exchange Server\V14\bin folder on Microsoft Exchange Server 2010 or in the C:\Program Files\Microsoft\Exchange Server\V15\bin folder on Microsoft Exchange Server 2013).

6. If you are re-installing the application, you may use the saved configuration (if the corresponding option was selected during its removal) or delete it and re-configure the application after installation.

Click Next.

The installation of Dr.Web for Microsoft Exchange Server on your computer will start. By default, program files are copied to the %Program Files%\DrWeb for Exchange and %Program Files%\Common Files\Doctor Web folders. The event logs and auxiliary files are copied to the %Program Data%\Doctor Web folder.

7. If you selected the Enable transport agents monitoring option when configuring the installation parameters, you need to exit the monitoring window after the transport agents are installed and registered. The 'Dr.Web AntiVirus Agent enabled' and 'Dr.Web AntiSpam Agent enabled' messages in PowerShell indicate that the agents were successfully registered by the Microsoft Exchange Transport service. Enter the exit command in PowerShell.

8. Once the installation is complete, click Finish.

If Microsoft Exchange POP3 or Microsoft Exchange IMAP4 service do not operate correctly after Dr.Web for Microsoft Exchange Server is installed on the computer, it is recommended to restart them.

The restart is not required: the Microsoft Exchange Transport service is started automatically, resulting in the correct operation of the server. However, if the POP3 and IMAP4 supporting services are running on the server, restarting the Microsoft Exchange Transport service may disconnect them from the server transport system. In this case it is recommended to wait until Microsoft Exchange Transport and the installed application services are started and then to restart the Microsoft Exchange POP3 and/or Microsoft Exchange IMAP4 services manually (or to restart the computer).
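The checks this procedure relies on, as an added PowerShell example that is not part of the Dr.Web documentation. It assumes the Exchange Management Shell, the standard Exchange service names MSExchangeTransport, MSExchangePop3 and MSExchangeImap4, and that the agent identities begin with 'Dr.Web' as in the installer messages; the function names are hypothetical.

```powershell
# Added example, not Doctor Web's code. Run elevated in the Exchange Management Shell.

# Default RemoteExchange.ps1 locations quoted in the installation notes.
$RemoteExchangeCandidates = @(
    'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'  # Exchange 2010
    'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'  # Exchange 2013
)

function Test-DrWebPreInstall {    # hypothetical helper name
    # The installer registers the agents through Exchange PowerShell,
    # so a missing RemoteExchange.ps1 is caught here rather than mid-install.
    $script = $RemoteExchangeCandidates |
        Where-Object { Test-Path -LiteralPath $_ } |
        Select-Object -First 1
    $transport = Get-Service -Name 'MSExchangeTransport' -ErrorAction SilentlyContinue

    [pscustomobject]@{
        RemoteExchangeScript = $script
        TransportStatus      = if ($transport) { $transport.Status } else { 'NotFound' }
        # Step 3 expects the Transport service to be stopped before clicking Next.
        ReadyForStep3        = ([bool]$script -and $transport -and
                                ($transport.Status -eq 'Stopped'))
    }
}

function Test-DrWebPostInstall {   # hypothetical helper name
    param([switch]$RestartMailAccess)

    # Assumption: agent identities start with 'Dr.Web', matching the
    # 'Dr.Web AntiVirus Agent enabled' / 'Dr.Web AntiSpam Agent enabled' messages.
    $agents   = @(Get-TransportAgent | Where-Object { "$($_.Identity)" -like 'Dr.Web*' })
    $disabled = @($agents | Where-Object { -not $_.Enabled })

    $transport  = Get-Service -Name 'MSExchangeTransport'
    $mailAccess = @(Get-Service -Name 'MSExchangePop3', 'MSExchangeImap4' `
                        -ErrorAction SilentlyContinue |
                    Where-Object { $_.Status -eq 'Running' })

    # Restart POP3/IMAP4 only after Transport is running again, as the notes recommend.
    if ($RestartMailAccess -and $transport.Status -eq 'Running') {
        $mailAccess | Restart-Service
    }

    [pscustomobject]@{
        AgentsFound     = $agents   | ForEach-Object { "$($_.Identity)" }
        AgentsDisabled  = $disabled | ForEach-Object { "$($_.Identity)" }
        TransportStatus = $transport.Status
        MailAccess      = $mailAccess.Name
        # Two agents (anti-virus and anti-spam) are expected when both are installed.
        Healthy         = ($agents.Count -ge 2 -and $disabled.Count -eq 0 -and
                           $transport.Status -eq 'Running')
    }
}

# Usage:
#   Test-DrWebPreInstall                        # before clicking Next in step 3
#   Test-DrWebPostInstall                       # after step 8
#   Test-DrWebPostInstall -RestartMailAccess    # if POP3/IMAP4 clients lose connectivity
```

A mail server whose scanning agents are registered but disabled passes mail unscanned, so the AgentsDisabled field is the one to alert on after upgrades and Exchange cumulative updates.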


Upgrade to version 12.0

To update Dr.Web for Microsoft Exchange Server to version 12.0, it is necessary to start installation of this version of the application.

If a previous version is detected during the installation, you will be prompted to delete it. If you confirm the deletion, the previous version will be deleted, then the computer will be restarted. Then Dr.Web for Microsoft Exchange Server 12.0 installation procedure described above will start.

Additional Information

If you encounter any issues installing or using company products, take advantage of the following options before requesting assistance from technical support:

Download and review the latest manuals and guides at https://download.drweb.com/doc/.

Read the frequently asked questions at http://support.drweb.com/show_faq/.

Browse the Dr.Web official forum at http://forum.drweb.com/.

If you have not found a solution to the problem, you can request direct assistance from Doctor Web technical support in one of the following ways:

Fill in the web form in the corresponding section at http://support.drweb.com/.


Call by phone in Moscow: +7 (495) 789-45-86.


Refer to the official website at http://company.drweb.com/contacts/offices/ for regional and international office information of Doctor Web company.

All rights reserved. This document is the property of Doctor Web. No part of this document may be reproduced, published or transmitted in any form or by any means for any other purpose than the purchaser's personal use without proper attribution.

TRADEMARKS

Dr.Web, SpIDer Mail, SpIDer Guard, CureIt!, CureNet!, AV-Desk and Dr.WEB logos are trademarks and registered trademarks of Doctor Web. Other trademarks, registered trademarks and company names used in this document are property of their respective owners.

DISCLAIMER


In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions, or any loss of profit or any other damage caused or alleged to be caused directly or indirectly by this document, the use of or inability to use information contained in this document.


© Doctor Web, 2019

Russia, Moscow – Saint-Petersburg




