Bloggers From Pemalang City, Indonesia
Join 4Shared Now! Get 4Shared Premium!

Senin, 14 Juni 2010

Remove Internet Security 2010 (Uninstall Guide)

Alert! Have a problem and would like to ask us for help? To learn how to ask your question Click Here!
Stop! Do you have popups or other malware infecting your computer? If so, Start Here!
Question? Are you having trouble using this site? Then you should visit the New User Orientation Center!

What this programs does:

Internet Security 2010 is a rogue anti-spyware program that is installed through the use of malware. Once installed, Internet Security will be configured to start automatically when you login to Windows. It will then scan your computer and display numerous infections, but will not remove anything until you purchase the program. These infections, though, are all fake and are only being shown to trick you into thinking you are infected so that you then purchase the program. It goes without saying that you should definitely not purchase this program.

Internet Security 2010
Internet Security 2010
For more screen shots of this infection click on the image above.
There are a total of 8 images you can view.

Internet Security 2010 is typically bundled with numerous Trojans that display fake security alerts on your computer. For example, one Trojan will display a message when you login into Windows before you see your desktop. This message will state:

Security Warning!
Worm.Win32.NetSky detected on your machine.

It will then recommend that you purchase the program to remove the infection. When you start certain programs, another Trojan will display a message and then terminate the program. The message it will display is:

Application cannot be executed. The file is infected. Please activate your antivirus software.

Some of the programs that will cause this message to be shown include Notepad, the CMD prompt, Freecell, Minesweeper, Nero, Windows Messenger, Microsoft Word, Microsoft Excel, Window calculator, Skype, and PowerPoint. This same Trojan will also display a warning when you try to run programs, such as Windows Media Player or WinAmp, that play audio and video files. This error message is:

Windows can`t play the folowing media formats: AVI;WMV;AVS;FLV;MKV;MOV;3GP;MP4;MPG;MPEG;MP3;AAC;WAV;WMA;CDA;FLAC;M4A;MID. Update your video and sound codec to resolve this issue.

It will then prompt you to purchase VSCodec Pro, which is another rogue program, to fix the supposed problem. Just like the scan results, these security warnings are fake and are only being shown to try and convince you that your computer has a security problem.

As you can see, Internet Security 2010 was created to scare you into purchasing the program. Without a doubt, you should definitely not do so, and if you have, you should contact your credit card company and dispute the charges stating that the program is a scam. Finally, to remove Internet Security 2010 and any related malware please use the removal guide to remove it for free.

Threat Classification:

Advanced information:

View Internet Security 2010 files.
View Internet Security 2010 Registry Information.

Tools Needed for this fix:

Symptoms that may be in a HijackThis Log:

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon86.exe
O4 - HKLM\..\Run: [winupdate86.exe] C:\WINDOWS\system32\winupdate86.exe
O4 - HKCU\..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper86.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper86.dll

Automated Removal Instructions for Internet Security 2010 using Malwarebytes' Anti-Malware:

  1. Print out these instructions as we may need to close every window that is open later in the fix.

  2. Before we can do anything we must first end the processes that belong to Internet Security 2010 so that it does not interfere with the cleaning procedure. To do this, download the following file to your desktop.

    rkill.com Download Link

  3. Once it is downloaded, double-click on the rkill.com in order to automatically attempt to stop any processes associated with Internet Security 2010 and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Internet Security 2010 when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Internet Security 2010 . So, please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the guide. If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

    Do not reboot your computer after running rkill as the malware programs will start again.


  4. Now you should download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:

    Malwarebytes' Anti-Malware Download Link


  5. Once downloaded, close all programs and Windows on your computer, including this one.

  6. Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.

  7. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing and is at the last screen, make sure you uncheck both of the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware check boxes. Then click on the Finish button. If Malwarebytes' prompts you to reboot, please do not do so.

    If you receive a code 2 error while installing Malwarebytes's, please press the OK button to close these errors as we will resolve them in future steps. The code 2 error will look similar to the image below.


    Malwarebytes Anti-Malware Screen

  8. As this infection deletes a core executable of Malwarebytes' we will need to download a new copy of it and put it in the C:\program files\Malwarebytes' Anti-Malware\ folder. To download the file please click on the following link:

    Malwarebytes' EXE Download
    When your browser prompts you where to save it to, please save it to the C:\program files\Malwarebytes' Anti-Malware\ folder. When downloading the file, it will have a random filename. Please leave the filename the way it is as it is important that it is not changed. You may want to write down the name of the file as you will need to know the name in the next step.

  9. Once the file has been downloaded, open the C:\program files\Malwarebytes' Anti-Malware\ folder and double-click on the file you downloaded in step 8. MBAM will now start and you will be at the main program screen as shown below.


    Malwarebytes Anti-Malware Screen

  10. Before you can perform a scan, you must first update the program. To do this click on the Update tab, and that at the new screen click on the Check for Updates button. Malwarebytes' will now check for new updates and download and install them as necessary. When the update is completed, you will be prompted with a message stating either that you already have the latest updates or that they have been updated. Either way, you should now click on the OK button to continue.

  11. Now click on the Scanner tab and make sure the the Perform full scan option is selected. Then click on the Scan button to start scanning your computer for Internet Security 2010 related files.

  12. MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.


    Malwarebytes Anti-Malware Scanning Screen

  13. When the scan is finished a message box will appear as shown in the image below.


    Malwarebytes Anti-Malware Scan Finished Screen

    You should click on the OK button to close the message box and continue with the Internet Security 2010 removal process.

  14. You will now be back at the main Scanner screen. At this point you should click on the Show Results button.

  15. A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.


    Malwarebytes Scan Results


    You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.

  16. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.

  17. You can now exit the MBAM program.

  18. Due to the fact that this infection deletes certain MalwareBytes' files, and we had to work around this, if you wish to continue using MalwareBytes' Anti-Malware, which we suggest you do, then you should uninstall and then install it again so that the files are created properly.

Your computer should now be free of the Internet Security 2010 program. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.

If you are still having problems with your computer after completing these instructions, then please follow the steps outlined in the topic linked below:

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Associated Internet Security 2010 Files:

c:\s
c:\Program Files\InternetSecurity2010
c:\Program Files\InternetSecurity2010\IS2010.exe
c:\WINDOWS\system32\41.exe
c:\WINDOWS\system32\winhelper86.dll
c:\WINDOWS\system32\winlogon86.exe
c:\WINDOWS\system32\winupdate86.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
%UserProfile%\Desktop\Internet Security 2010.lnk
%UserProfile%\Start Menu\Internet Security 2010.lnk

Associated Internet Security 2010 Windows Registry Information:

HKEY_CURRENT_USER\Software\IS2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Internet Security 2010"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "winupdate86.exe"


Continue reading...

Kamis, 10 Juni 2010

Computer viruses: description, prevention, and recovery

This article was previously published under Q129972

To continue receiving security updates for Windows, make sure you're running Windows XP with Service Pack 3 (SP3). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.

This article discusses the following:
  • How to determine whether your computer is infected with a computer virus, a worm, or a trojan
  • How to recover from an infection
  • How to prevent future infections from a computer virus

What is a computer virus?

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk.

Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail attachment. Computer viruses can be disguised as attachments of funny images, greeting cards, or audio and video files. Computer viruses also spread by using downloads on the Internet. Computer viruses can be hidden in pirated software or in other files or programs that you may download.

Symptoms of a computer virus

If you suspect or confirm that your computer is infected with a computer virus, obtain the current antivirus software. The following are some primary indicators that a computer may be infected:
  • The computer runs slower than usual.
  • The computer stops responding, or it locks up frequently.
  • The computer crashes, and then it restarts every few minutes.
  • The computer restarts on its own. Additionally, the computer does not run as usual.
  • Applications on the computer do not work correctly.
  • Disks or disk drives are inaccessible.
  • You cannot print items correctly.
  • You see unusual error messages.
  • You see distorted menus and dialog boxes.
  • There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe. extension.
  • An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.
  • An antivirus program cannot be installed on the computer, or the antivirus program will not run.
  • New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs.
  • Strange sounds or music plays from the speakers unexpectedly.
  • A program disappears from the computer even though you did not intentionally remove the program.
Note These are common signs of infection. However, these signs may also be caused by hardware or software problems that have nothing to do with a computer virus. Unless you run the Microsoft Malicious Software Removal Tool, and then you install industry-standard, up-to-date antivirus software on your computer, you cannot be certain whether a computer is infected with a computer virus or not.

Symptoms of worms and trojan horse viruses in e-mail messages

When a computer virus infects e-mail messages or infects other files on a computer, you may notice the following symptoms:
  • The infected file may make copies of itself. This behavior may use up all the free space on the hard disk.
  • A copy of the infected file may be sent to all the addresses in an e-mail address list.
  • The computer virus may reformat the hard disk. This behavior will delete files and programs.
  • The computer virus may install hidden programs, such as pirated software. This pirated software may then be distributed and sold from the computer.
  • The computer virus may reduce security. This could enable intruders to remotely access the computer or the network.
  • You receive an e-mail message that has a strange attachment. When you open the attachment, dialog boxes appear, or a sudden degradation in system performance occurs.
  • Someone tells you that they have recently received e-mail messages from you that contained attached files that you did not send. The files that are attached to the e-mail messages have extensions such as .exe, .bat, .scr, and .vbs extensions.

Symptoms that may be the result of ordinary Windows functions

A computer virus infection may cause the following problems:
  • Windows does not start even though you have not made any system changes or even though you have not installed or removed any programs.
  • There is frequent modem activity. If you have an external modem, you may notice the lights blinking frequently when the modem is not being used. You may be unknowingly supplying pirated software.
  • Windows does not start because certain important system files are missing. Additionally, you receive an error message that lists the missing files.
  • The computer sometimes starts as expected. However, at other times, the computer stops responding before the desktop icons and the taskbar appear.
  • The computer runs very slowly. Additionally, the computer takes longer than expected to start.
  • You receive out-of-memory error messages even though the computer has sufficient RAM.
  • New programs are installed incorrectly.
  • Windows spontaneously restarts unexpectedly.
  • Programs that used to run stop responding frequently. Even if you remove and reinstall the programs, the issue continues to occur.
  • A disk utility such as Scandisk reports multiple serious disk errors.
  • A partition disappears.
  • The computer always stops responding when you try to use Microsoft Office products.
  • You cannot start Windows Task Manager.
  • Antivirus software indicates that a computer virus is present.
Note These problems may also occur because of ordinary Windows functions or problems in Windows that are not caused by a computer virus.

How to remove a computer virus

Even for an expert, removing a computer virus can be a difficult task without the help of computer virus removal tools. Some computer viruses and other unwanted software, such as spyware, even reinstall themselves after the viruses have been detected and removed. Fortunately, by updating the computer and by using antivirus tools, you can help permanently remove unwanted software.

To remove a computer virus, follow these steps:
  1. Install the latest updates from Microsoft Update on the computer.
  2. Update the antivirus software on the computer. Then, perform a thorough scan of the computer by using the antivirus software.
  3. Download, install, and then run the Microsoft Malicious Software Removal Tool to remove existing viruses on the computer. To download the Malicious Software Removal Tool, visit the following Microsoft Web site:
For more information about how to remove a computer virus, visit the following Microsoft Web site:
http://www.microsoft.com/protect/computer/viruses/remove.mspx

How to protect your computer against viruses

To protect your computer against viruses, follow these steps:
  1. On the computer, turn on the firewall.
  2. Keep the computer operating system up-to-date.
  3. Use updated antivirus software on the computer.
  4. Use updated antispyware software on the computer.
For more information about how to protect a computer against viruses, visit the following Microsoft Web site:
http://www.microsoft.com/protect/computer/default.mspx

How to obtain computer virus and security-related support

For United States and Canada

The computer safety team is available for computer virus and for other security-related support 24 hours a day in the United States and in Canada.

To obtain computer virus and security-related support, follow these steps:
  1. Before you contact a support engineer, make sure that you run updated antivirus software and updated spyware removal software on the infected computer.

    For more information about how to obtain a free computer safety scan, visit the following Microsoft Web site: For more information about antispyware software, visit the following Microsoft Web site:
  2. Call 1-866-PCSAFETY or call 1-866-727-2338 to contact security support.

For locations outside North America

To obtain computer virus and security-related support for locations outside North America, visit the following Microsoft Web site:
http://support.microsoft.com/common/international.aspx?rdpath=4

APPLIES TO
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, 64-Bit Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Small Business Server 2003 Premium Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Media Center Edition 2005 Update Rollup 2
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows NT 4.0
  • Microsoft Windows Millennium Edition
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows 95
  • Microsoft Outlook 2002 Standard Edition
  • Microsoft Outlook Express 6.0
Keywords:
kbmsccsearch kbpubtypekc kbfirewall kbvirus kbhowto kbenv kbinfo KB12997


Continue reading...

Win32/Sality Remover description

A useful tool for deleting the Win32/Sality virus from your computer

Win32/Sality Remover will allow you to easily clean the virus infection from your PC. All you need to do is download the three files and run the executable.

You can also specify the disks (or partitions) to heal as a command parameters, e.g.: "rmsality C: D:". If the command is used without parameters, it heals all disks (partitions) on computer.

Note:
Successful running of the remover requires administrator rights. For proper functionality of the remover it is necessary to save the rmsality.nt and rmsality.dos into the same folder as rmsality.exe. After the healing process please run the AVG Complete Test to make sure your computer is virus-free.

DOWNLOAD Win32/Sality Remover 1.1.0.153

Continue reading...

Selasa, 08 Juni 2010

avast! antivirus Home Edition 5.0.545

Avast Free 5, an A-list freeware antivirus app, provides the same steadfast protection of well-known, pricier antivirus programs. Avast is remarkable for both its effectiveness and arguably providing the most complete free antivirus on the market.

Avast Free 5, formerly known as the Home Edition, protects you with multiple guards. The antivirus, antispyware, and heuristics engines form a security core that also includes multiple real-time shields. The adjustable mail and file system shields join the pre-existing behavior, network, instant messaging, peer-to-peer, and Web shields. The behavioral shield is a common-sense feature, as security software publishers leverage their large user bases to detect threats early and warn others. Other new features include a silent-gaming mode and an "intelligent scanner" that only looks at changed files after establishing a baseline. The biggest change in Avast 5, though, is the interface. Gone is the music player default look, which was skinnable but confusing. In its place is a sleek UI that new users should find far more manageable. It's also Aero-friendly, with Explorer-style navigation buttons in case you can't remember where you tweaked a particular setting.

Avast's recent independent third-party testing has been notably solid, able to hold its own against better-known programs from Symantec and Microsoft. Avast 5 Free lacks features in the paid upgrade including antispam measures, a testing sandbox, a Script shield, and a firewall. Even without those, Avast Free 5 is probably the strongest, free antivirus currently available.

DOWNLOAD

Continue reading...

Detailed Description of Ansav 2.0.40

Ansav Ansav is a free antivirus utility designed to identify, thwart and eliminate computer viruses and other malicious software (malware).

ANSAV, abbreviation from Ans AntiVirus, ANSAV is an application that run on Windows XP, was made especially to handle various mallware like virus, Trojan and Spyware.

ANSAV was not the same as commercial Antivirus, ANSAV only designed as portable software and could be undertaken without needing the installation, because ANSAV not resident and only treated.

At this time ANSAV could have detected various newest local virus (Indonesia Viruses) and several foreign viruses that often circulated in Indonesia, but ANSAV could not be relied on as personal Antivirus because quite few viruses that could be detected by other Antivirus and was not detected by ANSAV, this was caused of the limitations Antivirus database (the virus definition signature).

ANSAV was developed in the Indonesian scope (local support only) although could have detected several foreign viruses, therefore your role to always send the sample of the newest virus that still could not be detected by ANSAV was really needed, so that ANSAV always became your mainstay weapon to eradicate the virus especially the local virus.

D0WNLOAD NOW

File size : 0.68 MB


Continue reading...

Senin, 31 Mei 2010

About Malware



Norman Malware Cleaner 2010.05.29

I use the word "malware" to refer to any code, script or software that has effects unintended by or prejudicial to the user; usually where these effects are hidden.

That is indeed broad enough to include certain commercial software (stealth registration, undisclosed adware, spyware, stealth installation of bundled apps) and device drivers (recurrent intrusions into startup axis, e.g. as part of DOS support). From a troubleshooting perspective, the process of cleaning up these commercial/driver issues is similar to cleaning up many worms and trojans, so for both practical and philosophical reasons it's appropriate to include them.

The traditional anti-malware approach is to run an antivirus application as 'underfootware' to recognize known malware via the "mugshot comparison" method. Heuristics (i.e. assessments of behavior) are also used, but as so many hi-level scripting statements are indistinguishable as to intent (every file system write or registry addition is a risk), I don't hold much faith for this.

Instead, I tackle the 4 E's directly. Where possible, I'd rather wall out a hundred or so risks than chase the recognition of thousands of malware, just as I'd rather burglarguard a few windows and doors than allow everyone in and count on recognizing known burglars when I encounter them in the house.

Enter

Primary entrance points are where the malware can enter a system, without requiring any pre-existing presence on that system.

Such entrance points are; human operators, removable disks in the boot process, files incoming via diskettes, LAN shares, downloads or email attachments, removable disks where AutoRun.inf is supported, data files (Office and HTML) where scripts are auto-executed, and finally hacking in through networks such as the LAN or Internet.

Escalate

Entrance may be in a setting where a limited range of behavior is possible, e.g. a script embedded in an HTML email that is running in 'Internet Zone', or a scripting language that places limits on what can be done. Escalation goes about extending the range of possible behaviors from whatever initial beachhead you have established; it is the very essence of hacking, and second nature to malware coders.

Escalation may exploit what I call "secondary entrance points", which are the system startup axis, application startup axes, and extensions of theses axes such as "magic name" and file association intrusion points.

Secondary entrance points are irrelevant within the narrow "Entrance" view, in that they cannot be exploited unless a primary entrance point has already been breached. But it is my opinion that one should never assume the latter will not happen, and look beyond the "can't happen here" view.

Extend

Extension is similar to escalation, except that it involves spreading from one system to another - it is the means by which the malware propagates itself. Not all malware do self-propagate; there are plenty of one-off attacks, which defeat both mugshot recognition and any heuristics that focus on spreading-type behavior.

Web sites and spammer's MILLION EMAIL ADDRESSES FOR ONLY!!! CDs allow non-propagating malware to be shotgunned out in a million "one-off" attacks, so the significance of this should not be underestimated.

The defining characteristic of viruses is that they extend by infecting other files or disks. Worms extend by infecting networks, and trojans by masquerading as desirable files so that the user extends them into their own system or allows them to survive on the assumption they are valid parts of the system.

A malware can do any of the above, which is why I no longer use words like "virus", "worm" and "trojan" if I mean malware in general.

Spread can be localized to the LAN, which is why I advise extreme caution in deciding what to share over networks, even if your own LAN is "closed" (no TCP/IP on LAN to expose systems directly to Internet)

Execute

The payload, the nature of which may terminate all of the other E's with the functional death of the host. One should place little faith that an environment or language will limit the scope of execution, unless you have made a thorough assessment of escalation possibilities from that environment or language.

Suffice to say, if you can write to the file system (even renames or copies is enough), add to the registry or other settings files, or launch other processes or files, your "sandbox" is leaking.

Microsoft

Microsoft have an abysmal record where understanding these simple concepts are concerned. In terms of what they offer their clients (i.e. disregarding how they interact with investors, competitors, staff, "business partners" etc.) this is the single biggest problem I have with MS; they either don't have a clue or don't care.

The worst examples are the autorunning macros in data files and HTML email, but I am also concerned about escalation risks posed by secondary entrance points. The reason why I have railed against "View as Web Page" so obsessively is that this is one risk that I have yet to be able to conclusively wall out of Win98.

Windows Millennium Edition

Windows Millennium Edition (ME) removes some secondary entrance points from the system startup axis, i.e. Config.sys and AutoExec.bat, and adds an "auto-repair" facility that could block malware that attempts to trojanise system code files.

But ME's "auto-repair" may be a mixed blessing, where it restores components that have been deliberately removed so as to manage escalation threats, e.g. WScript.exe, CScript.exe, SHSCrap.dll, Attrib.exe, FDisk.exe, Format.com and Debug.exe - however, there are ways around this.

ME has also missed some opportunities to correct stupid defaults; surprising, given the object lesson posed by LoveLetter and Kak. Outlook Express still defaults to sending and replying in HTML, interpreting HTML scripts within email text in 'Internet Zone', and allowing "safe" controls and Java to run within 'Restricted Zone' as it is defined by the default "high security" template.

Finally, the loss of true real mode boot (though this can be fixed) makes management of malware attacks and damage difficult (getting in before the malware code runs, tackling files that are "always in use"), including steps needed to overcome the "auto-repair" obstacle. It also encourages opening up a primary entrance risk that most savvy builders and users have closed for several OS generations; the infected bootable diskette.

Norman Malware Cleaner 2010.05.29
Server 1 Brothersoft(CDN for Global) Click to Download

Any problem in download link, please click Report Invalid Link.
Please scan with your antivirus software before installing. Read our Safety Policy here or contact us for virus report.
Continue reading...

Minggu, 16 Mei 2010

Avira security solutions

Integration examples

Logo IBM Systems Avira AntiVir certifies for IBM System Series p, Series i and Series z
Porting of the Avira security solutions AntiVir MailGate and AntiVir WebGate to IBM hardware platforms System p5, System i5 and System z9 for the IBM program. IBM Application Advantage for Linux (Chiphopper).


Logo Clearswift Avira AntiVir for Clearswift MIMEsweeper
Avira AntiVir provides professional malware protection for the MIMEsweeper product family from Clearswift, one of the furthest developed and most versatile content security solutions.
Logo AVM Avira AntiVir for AVM KEN!
The Avira AntiVir security solutions for KEN! can be seamlessly integrated in KEN! installations from AVM and offer reliable protection against viruses and spam including WebProtector.
Logo SAP Certified Integration AntiVir Virus Scan Adapter (for SAP Solutions)
The Avira AntiVir Virus Scan Adapter (for SAP Solutions) was developed for the NetWeaver platform and offers SAP customers in this environment the possibility to use the professional Avira AntiVir security technology to detect and combat malware and thus achieve a high degree of security.

Logo GROUP Technologies Avira AntiVir for IQ.Suite
The iQ.Suite from GROUP Business Software AG is the leading program package for the implementation of email lifecycle management. For the IQ.Suite module Watchdog, Avira provides professional protection for all incoming and outgoing emails.

Logo GeNUA AntiVir for GeNUGate
GeNUA (Gesellschaft für Netzwerk- und Unix-Administration) specializes in the security and support of corporate networks. The GeNUGate product family includes the multi-stage complete firewall systems GeNUGate and GeNUGate Pro. Both solutions are equipped with Avira AntiVir malware protection on request.


System Integration

Avira security solutions enable third-party suppliers to easily integrate the AntiVir technology, proven a million times over, in their own software and hardware solutions. Users can use the complete scope of services for virus and malware defense and for system and data recovery. The Avira integration software is available in specially optimized versions for integration in Unix and Windows platforms and in both versions provides comprehensive sets of functions, protocols and documentation.

1.Technology integration

Solutions for efficient defense against viruses and malware create value added for your software or hardware products and reinforce the confidence of your customers. Integrate one of the best virus scanners available with the specially optimized AntiVir Scan Engine. A SDK (software development kit) is available for integration.

2.OEM bundling

You can perfectly integrate Avira security solutions – for example for malware protection of email and Internet communication – in applications and hardware products and thus achieve useful additional security for your customers.

3.Co-branding/re-branding

Avira AntiVir is one of the most reliable and well-known brands on the security market – not least thanks to the more around 100 million satisfied users worldwide. Take advantage of the strength of this brand for cobranding or re-branding – we will support you.

4.Customized solutions

Benefit from the experience and innovation of Avira for individual security solutions that are specially tailored to the needs of your customers.

Internationally operating IT corporations trust in the expertise of Avira to protect their customers. They have already successfully integrated Avira security solutions in their product and service portfolio.
Continue reading...

Most Frightening 10th Computer Virus

VBScript type virus attack is still very high, it is evident from the many reports that complain about these types of script viruses. One virus that shot high into the first sequence is Discusx.vbs. If you still remember with these viruses, the Virus Top-10 March 2008 edition of the past, viruses Discusx.vbs ranked fifth, but this time he sped up to the first sequence. The following list details:

1. Discusx.vbs
VBScript viruses on this one, have a size around 4800 bytes. He will try to infect the multiple drives in your computer, including flash disk drive, which if infected shall make autorun.inf file and System32.sys.vbs on the root drive.
2. Reva.vbs
Again, the virus types that VBScript pretty much complained of by some readers. He will try to spread itself to every drive on your computer including flash disk drives. On the drive there will be infected reva.vbs files, autorun.inf, and shaheedan.jpg. In addition, he will change the default page of Internet Explorer that leads to http://www.arrahmah.com site.

3. XFly
PC Media Antivirus recognizes two variants of this virus, namely XFly.A and XFly.B. Just like most other local viruses, he created using Visual Basic. Has amounted to 143 360 bytes in body size without being compressed. And he may be disguised as a folder, MP3 files with WinAmp or any other way directly change the existing icon resource to its body. This will make more difficult for ordinary users in recognize. On infected computers, when running Internet Explorer, its caption is changed into x-fly "..:: ::..", and when starting Windows will appear the message from the maker of the virus in the default browser. Or every time show at 12:30, 16:00, or 20:00, the virus will display a black screen that also contains messages from the virus creator.

4. Explorea
Viruses that are compiled using Visual Basic comes with a size of about 167 936 bytes, without being compressed. Using the standard Windows folder icon similar to defraud victims. This virus will attack your Windows Registry to change the default open from a few extensions such as. LNK,. PIF,. BAT, and the. COM. On infected computers, certain times when the error message sometimes appears, for example when opening the System Properties.

5. Gen.FFE
Gen.FFE or manufacturer named Fast Firus Engine is one of the program Virus Generator locally made. By simply using this program, did not take long to create a virus / new variant. Viruses of the output of this program icon-like images using standard default Windows folder. He will block access to Task Manager, Command Prompt, and also eliminate some of the menu in the Start Menu. He also will read the caption of the current program, if there are strings associated with the antivirus program will soon be closed to him.

6. Empty
Viruses are also created using Visual Basic and had a folder icon has a size of about 110 592 bytes, without being compressed. There are so many changes that he has made in Windows, such as the Registry, File System, etc., which even can cause Windows can not be used as appropriate. On a computer that is infected by this virus, when starting Windows will display a message from the virus creator.

7. Raider.vbs
This VBScript virus type size of approximately 10 000 bytes, if the virus file is opened with Notepad for example, it is not a lot of strings that can be read by the encrypted condition. In the Registry, he also gave recognition to create a new key in HKLM \ Software with same name as the name of the computer name, the contents of a string value such as a virus, Raider, and the date the first time the infected computer.

8. ForrisWaitme
Viruses are created with Visual Basic uses the standard Windows folder icon similar to disguises. Some ulahnya is exchanged with the left mouse button function right, removes the Folder Options menu, create a file the message "read saya.txt" on the drive is infected, and there are still others.

9. Pray
Local virus was created using Visual Basic. We found two variants of this virus, for Pray.A variant has no icon, while for variant Pray.B using the icon-like Windows Explorer. If the computer is infected by this virus, while at the computer clock shows 05:15 AM, 13:00, 16:00, 18:30, or 19:45 and, this virus will display a message reminding the user to perform the prayer.

10. Rian.vbs
This VBScript virus has a size of 3788 bytes. When infecting, it will create new files autorun.inf and RiaN.dll.vbs on each root drive that is installed on the victim's computer, including the Flash Disk. Computers infected by this virus, caption of Internet Explorer will change to "Rian P2 Cantiq PR
Continue reading...

AIR (Adobe Integrated Runtime), a New Way Internet access as well Desktop

Adobe's latest re-launch the application which is surprising, because it can incorporate a variety of Internet access and multimedia applications into a single container. Containers are labeled by the Adobe AIR which stands for Adobe Integrated Runtime. AIR provides convenience for the user to access various Internet access and multimedia needs daily with enough run an application interface. Even more interesting is the AIR, the application can retrieve files from both local and Internet desktop in a similar way to then proceed to use a special file system. Thus, the user will hardly find a significant difference between accessing files from local desktop or from the Internet, because the user does not need another browser to search for data on the Internet.

AIR runs on Windows platform, although the development is also designed for MacOS. While for the Linux version will be released soon. To use the AIR, users can medownload first at http://labs.adobe.com installer for free, then install it on the computer. After all the installation process is complete, users can directly use it. Even more interesting, AIR does not include entry into the Windows registry, and did not use the library's Windows, so the bit does not affect the stability of Windows, not even no effect at all on Windows at the time of uninstall.

At the time of operation, the Adobe Integrated Runtime is working with three basic components to process data from the desktop and the Internet. The third component consists of the WebKit engine that functions as HTML, Flash Engine that functions almost like a Flash Player and SQL Lite.

As the software that runs with two input data, from the desktop and the Internet, the Adobe Integrated Runtime is taking preventive measures security by not letting any one application is installed without the user's knowledge. AIR confirmation process is always executed to secure existing systems will occur when the installation process.

Basically, the application called the Adobe Integrated Runtime is very interesting, because the user will be able to bridge the needs of a future application, where the user can access data from desktop and online Internet simultaneously. In other words, the Adobe Integrated Runtime is also a reflection of Web 2.0 application development with huge potential. (Dna)
Continue reading...

Local Eradicate Virus Manually

Faced with a variety of computer virus attacks - with OS Microsoft Windows, of course - most people will figure out how to get the latest antivirus and anti-virus for certain local viruses because most antivirus software can not detect it. In contrast to a very general way of thinking, I offer an alternative solution to deal with local virus that is Eradicate manually.

Viruses are programs / applications (= series of commands) that can reproduce themselves. Most programmers make these viruses as a series of commands that infiltrated into the ranks of the commands in other applications. Certain viruses can be programmed even sneak in the master boot record or specific sectors in the disk with special protection without being able to recognize the user as a file. Unfortunately, this clever work does not apply to most local viruses whose existence is very striking and inviting hostility.

Based on this weak point we can locally eradicate the virus manually. There are two common references in combating the virus manually, stop running the virus and eliminate viruses. Based on these two points are you can develop your own strategy depending on the case that you are facing.

Part I: Stop Running Virus

To attack the virus that created by Visual Basic (VB) - fortunately most of the local virus was made in VB - you can stop the virus running through 'remove' msvbvm50.dll and msvbvm60.dll which is in the directory c: windowssystem32 which is a virtual machine from the program -a program created in VB. The word 'remove' can be realized in various ways depending on the circumstances or the taste, which is removed (not recommended), moved to another folder, or replaced with another name. Also how can be done in various ways depending on the level of virus attacks from using Windows Explorer, command prompt on windows emulator (when the virus disable windows explorer), nor have to run windows in a fashion 'save mode with command prompt only' by pressing F8 on initial startup windows to display the startup menu. If the virus is still running, meaning the virus is not made in VB and to carry out the next steps you need to use Linux or another OS that is not installed emulator for windows programs.

Part II: Removing Viruses

To eliminate the viruses that you should do is gather all the files with the entry application via the find *. exe name, to identify applications which is a virus, and delete them. If you find the menu has been disabled by the virus, you can memanggilnuya by pressing F3 (much easier than having to edit the registry editor). Denouncing the program as a virus depends on the experience and your instincts, because its characters can be quite varied, but that should be the touchstone is that you are looking for things 'not as a proper and is in the proper place' or hidden impressed. Applications with the Microsoft Word document icon or folder icon could be adjudged as the virus directly, but any application with the usual icons should you suspect if you are not sure anyone ever move there. To minimize the scope, you also need to pay attention to the file size because many viruses that each have the same file size.

The applications that you have a verdict as the virus must be removed immediately by pressing the SIFT + delete. Previously, make sure all your data has been saved by copying the contents of documents and in-paste elsewhere in the state of virus is not runnig. Congratulations action.
Continue reading...
 

Patron Computers And Mobile Phones From Viruses Copyright © 2009 Not Magazine 4 Column is Designed by Ipietoon Sponsored by Dezigntuts