IClean is a portable application that can be run from anywhere including a portable drive or device. The computer program will then display information about the computer system in six tabs that are accessible on top of the interface.

• Processes: Displays all running processes with the option to check processes and kill them or kill and delete them.
• Services: A list of all running services with the option to delete multiple services at once.
• Registry: Several security sensitive Registry settings are displayed here including programs that bypass firewall rules, toolbars and browser helper objects with the option to repair, backup and restore settings.
• Startup Folders: Displays a list of startup items that are loaded during system start with the option to enable, disable or clear them.
• Hosts: The Windows hosts file that is used by malware to redirect Internet traffic.
• Advanced: Option to terminate a known process ID.

Several of these options could come in handy after a sucessful malware removal on the computer system. IClean is available at the developer’s website and compatible with all Windows operating systems from Windows 98 to Windows Vista (and probably Windows 7 as well).

Related posts

• What You Should Do After Buying A New Computer System (18)
• Computer Virus Effect Remover (11)
• Youtube Video Search Is A Barebone Youtube Downloader (2)
• Xkcd Comic Wallpaper Changer (2)
• Wireless Networking Software Homedale (13)

These things seem to happen regularly and it is not only laptops that are affected by this. We have seen malware on appear virtually anywhere where it can appear in the last years, even on music CDs from a well known company. This leads to the interesting question on what users can do to ensure that their computer system is not already infected by malicious software.

Security companies advise to scan a newly purchased computer system thoroughly before starting to work with it. They also suggest to stay offline during the procedure which can sometimes be problematic if the computer system is the only available at hand. The virus definition files of antivirus software that is already installed on the computer system is usually outdated and might not catch the virus. The same is true for antivirus software that is purchased in stores.

Security experts therefor suggest to download the virus definitions for the antivirus program from a different computer with Internet access. That’s problematic if there is only one computer system available. Solutions for this might be to visit friends, go to an Internet Cafe or computer shop to download it from there.

Which leads to the question: What do you do after buying a new computer system?

Related posts

• Recover Computer System After Malware Infection (7)
• Web Browser Have Impact On Battery Life (1)
• Turn Off Computer Hardware With A Single Click (6)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)

The Open Source software can aid the user in removing effects from the Windows file system and the Windows Registry. One of the main functions of it is that it can re-enable access to the Windows Taskmanager, Registry Editor, MSconfig and the Process List.

Other options include process details that can be used to kill any running process including files that are currently in use by it. These processes and files can be added to a blacklist so that they will not be executed anymore even if they try to do so automatically.

The program provides additional options to create or restore a Registry backup, check system files and to repair AutoRun options.

Virus Effect Remover can be a helpful program to remove traces of malicious software.

Virus Effect Remover

Related posts

• Recover Computer System After Malware Infection (7)
• Xkcd Comic Wallpaper Changer (2)
• Wireless Network Scanner inSSIDer (3)
• Windows Tabbed Browsing (4)
• Windows Run Aliases (8)

Users who followed the advice of the AVG software program were greeted with a Blue Screen of Death as soon as they clicked on the Heal button to remove the virus. Any attempts to boot the system afterwards failed because of the missing file. AVG was quick to react and released another update that corrected the issue.

This does not help those users who already cleaned the file in Windows. Here is the official information on how to fix the system for those users:

The system can be restored by following the steps in one of the comments on forum (using safe mode or recovery console and copying c:\windows\system32\dllcache\user32.dll into the right location)

If you need to restore deleted files from AVG Virus Vault you can do it this way:

- Open AVG user interface.
- Choose “Virus Vault” option from the “History” menu.
- Locate the file that was incorrectly removed and select it (one click).
- Click on the “Restore” button.

A possibility would have been to cross-check the detected virus with another anti-virus software or an online virus scanner to be sure that it is indeed infected before deleting the file.

Related posts

• Clam Win Antivirus (3)
• AVG-Antivirus will continue to be free (2)
• Antivirus Test (5)
• What You Should Do After Buying A New Computer System (18)
• Test your Anti-virus program (10)

The DLL Remover works by pointing the application to a dll on the system which initiates four actions in the software. It searches for infected threads, deleted infected files, deletes entries in the Windows Registry and restarts the computer at the end to complete the operation.

UnDLL (via Techtrends) can be dowloaded from the Italian ESET (Essential Security against Evolving Threats) website only.

Related posts

• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)
• Remove old dll files from your system (7)
• Recover Computer System After Malware Infection (7)

An Internet connection is needed on the other hand to perform the scan which sometimes can be a problem if the system is not booting into the operating system. A Live CD could help but many Online Virus Scanners demand the Internet Explorer which is obviously unavailable on Linux systems.

Online Virus Scanners can be used to get a “second opinion” without having to install another anti-virus software on the computer. It is probably a good idea to use as many of the virus scanners as possible if it is suspected that the system was infected by a virus. Below is a list of services that provide access to online virus scanners.

Bitdefender Online Scanner – requires Internet Explorer 4+

Eset Online Scanner – requires Internet Explorer

F-Secure Online Scanner – works only with Internet Explorer 6+

Kaspersky Free Virus Scan – browser independent, downloads roughly 25 Megabytes of files prior to scanning. User can select locations to scan. The scanner does not remove infected files.

McAfee FreeScan – requires Microsoft Internet Explorer 5.5+

Microsoft OneCare Live – requires Internet Explorer.

Panda ActiveScan – requires Internet Explorer or Firefox, does not run in Opera.

Shields Up! – browser independent but very slow and unresponsive currently.

Symantec Security Check – down or gone.

Trendsecure HouseCall – Java based scanner, works with Java compatible browsers.

Windows Security – Trojan scan that requires Internet Explorer 5+

File Scanners:

Avast Online Scanner – file size limit of 512 Kilobyte

Virus Scan – file size limit of 10 Megabyte.

Virus Total – email upload option, 10 Megabyte file size limit.

Do you know any other services where users can scan files or the computer ?

Related posts

• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)
• Recover Computer System After Malware Infection (7)
• Norton Antibot Free 1 Year License (15)

The offer this time was directed at the readers of the German computer magazine Computer Bild which would receive a free one year license of the software Norton AntiBot if they purchased the magazine. Unfortunately though the link to generate the serial number leaked and is now available on the Internet.

I discovered it at Raymond’s excellent blog. To receive the free one year license you need to visit this official Norton page. Enter your email address in the form field, check the Ich akzeptiere box and click on the Gratis Produktschlüssel Anfordern button which will send the serial number to the mail address that you entered in the form.

Now download Norton Antibot in the meantime and activate the product with the serial number that you have received in your inbox. The serial number works with the English version – and probably every other language version – as well. The link above points to the English version of Norton Antibot.

Related posts

• True Crypt 6 released (3)
• Protect Files in Windows by locking them (6)
• Open Ports 1.0 (2)
• List all Recently Accessed Files (7)
• HijackReader analyse HijackThis results (6)

The problem with the Say no to drugs virus is that most virus scanner still do not detect it. Extensive information about this virus is available on the Precise Security website. If you suspect that your computer is infected with this virus you need to download the (free) Ewido Micro Scanner and perform a scan of your system. Remove the entries found and remove the entries of the virus as an autostart entry (autoruns comes in handy) and kill the tasks associated with the virus as well.

I was not able to find out if other products like Spyware Terminator or the various anti-virus applications like Antivir would be able to find and remove the Say no to Drugs virus. I was not infected with it but I guess they should be able to if you consider the fact that the removal procedure at the Precise Security website was posted in January.

Related posts

• Which Programs Should I Run To Scan A Computer For Malicious Software? (13)
• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Rootkits: Sony does it again (3)
• Recover Computer System After Malware Infection (7)

Some of the key elements of both documents were the following:

The installation of the Skype trojan could be by email or by the police in the apartment.
The software could be updated, extended and removed without leaving traces on the system.
Data would be send through a computer located outside German jurisdiction.
Access to internal settings of the Skype client and access to SSL-encrypted websites.

The two zipped PDF documents contain information about the company that designed the Trojan, the costs of the Trojan and the federal agencies. The second document contains detailed information about the technique used to eavesdrop on communications, especially what the so called Skype Capture Unit does.

The Skype Capture Unit is installed on the client’s system, capable of recording voice and chat among other things, and directs the data to a recording server. A Recording proxy was not part of the offer but would be possible to install as well. Members of the police would be able to access the data on the recording server in real time.

The document further mentioned that Skype Capture Units were only available for Windows XP or Windows 2000 at the moment.

Besides offering the Skype Trojan Digitalk also offered Man in the Middle attacks on SSL encrypted web traffic if the client would be using Firefox or Internet Explorer.

The costs for the operations are the following:

Skype Capture Unit €3500 per month
Installation of Unit €2500 once
Man in the Middle Attack €2500 per month

You are currently safe if you use Windows Vista, Linux or have a Mac. You are safe with Opera or Safari.

The question that a lot of people in Germany are currently asking are about the low costs of the software. Some see it as an indication that there had to be an agreement to use those units on a large scale.

Before everyone else says: Yeah, that’s Bavaria, part of Germany. I live in XXX, why should I care ? I would like to point out that other countries are most likely using techniques like that as well. Or, they simply ask Skype for assistance which is possible if you read the Skype Privacy Statement:

Please be informed that, notwithstanding the abovementioned, in the event of a designated authority lawfully requesting Skype or Skype’s local partner to retain and provide personal data, communications content and/or traffic data, Skype and/or its local partner will provide all reasonable assistance and information to fulfil this request.

Related posts

• VoxOx Unified Messaging (3)
• Time To Look For A Skype Alternative (3)
• Skype VOIP Recorder (12)
• Skype Voice Changer (13)
• Skype Translator (3)

The premium version of AntiVir sells for €19.95 (that’s Euro) usually and adds protection against spyware, adware. pop3 email protection and fast updates through premium servers in comparison to the free version. Both versions protect against viruses, dialers, phishing, worms, trojans and rootkits.

Make sure you fill out the form above and download the Personal Edition Premium from the Avira servers.

Related posts

• AVG-Antivirus will continue to be free (2)
• Another Antivir free premium promotion (2)
• Free McAfee VirusScan Plus 2008 (24)
• Antivirus Test (5)
• What You Should Do After Buying A New Computer System (18)

The discovery was first reported by Websense on their website and several anti-virus applications have already been updated to counter this attack.

The interesting aspect in my opinion is that hackers are very quick to react on global events that trigger lots of searches for a specific subject in a short time. It took them less than 24 hours to prepare hundreds of websites with the malicious Javascript code and make it into the top 10 for several related search terms.

The Why is obvious. There is always a massive increase in searches when events that are of global interest happen. This can be assassinations, wars or catastrophes for example. The more users search for a subject the higher the chance that they will land on a prepared website.

Protecting yourself:

Here are some thoughts on how to protect your computer from falling into this trap.

• Use the excellent Firefox add-on NoScript which disables Javascript on all websites except on those that you whitelist.
• Visit trustworthy news websites only. The problem here is that you might miss good articles written by bloggers or new websites who rank highly on a subject. If you have to visit those sites be prepared. Turn of Javascript and other scripting languages before you visit those sites.
• Keep your operating system updated. This is one of the most important rules. Update your system with the latest security patches
• Don’t use Internet Explorer. Switch to another browser for increased security
• Don’t log into Windows as an administrator

Can you think of anything else ? You could use a virtual PC or a tool like Sandboxie whenever you surf the Internet.

Related posts

• Windows Worms Door Cleaner (2)
• Trend Micro RUBotted (5)
• Norton Antibot Free 1 Year License (15)
• Kaspersky Rescue Disk (2)
• Introduction Series Part 4: Cookies (0)

According to their statistics which are updated when scanning computers 10.90% of all PCs scanned were infected. PCs with Antivirus installed had a infection rate of 8.62% while PCs without Antivirus were infected 14.56% of the times.

Infected or Not displays the rate of infected PCs using a Google Maps mashup. France for instance is the country in Europe with the highest amount of infected PCs (16.41%) while Sweden (4.17%) and Germany (5.33%) have the least amount of infections. The United States has an infection rate of 10.34 btw.

The scan works with Firefox after installing an add-on which can only be uninstalled from the default installation location which is at C:\Program Files\Panda Security\NanoScan. Execute the file nanounst.exe to uninstall it again.

Antivir reported a trojan during installation and execution which can be considered a false positive. In case you are wondering why I have Antivir installed, I did not test this from my main computer.

Related posts

• Why Hackers take advantage of global events (0)
• Clam Win Antivirus (3)
• What You Should Do After Buying A New Computer System (18)
• Virus Total Uploader (2)
• Test your Anti-virus program (10)

After clicking Start Play the image of a women on the left side and a captcha on the right is displayed. The program asks the user to enter the captcha to see another picture of the woman with less clothes on. After entering the captcha correctly and clicking on enter the Trojan loads another picture and captcha asking the user again to type the correct code to see Melissa strip even more.

You might have already guessed that the captcha is actually the captcha of another website, Yahoo for instance, and the Trojan uses the help of users to enter those captchas correctly on those websites. Captchas are used to tell human users from bots apart and make it more difficulty to create automatic process to signup or submit data.

The Trojan does not seem to cause harm on the users system. It simply uses him to create correct responses to captcha codes that are used to create accounts on websites like Yahoo Mail.

Trend Micro reports that the Trojan most likely arrives as a file downloaded by other malware on the system. It could also be send as an email attachement.

Related posts

• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)
• Recover Computer System After Malware Infection (7)
• Overview of Online Virus Scanners (5)

One way to cope with the situation would be use the freeware Pocket Killbox which deletes selected files before the next system start. Simply start Pocket Killbox and navigate to the file that was identified as a virus. Select delete on reboot and hit the red X icon on the upper right corner of Pocket Killbox. It will prompt for a reboot, select yes and the virus should be automatically deleted during startup.

Just perform a second scan to make sure the virus was really deleted b Pocket Killbox. Another way would be to use the great free program Unlocker which will kill every process that is keeping the file busy. This would mean that you can delete the file in Windows directly without rebooting your computer. It might however have problems with some special system files that have been infected.

Just try both methods and start with Unlocker. Reference to Pocket Killbox first seen on Technibble.

Related posts

• Clam Win Antivirus (3)
• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)
• Recover Computer System After Malware Infection (7)

This however is not the real danger of this Trojan. While the Trojan displays the message and plays a song it is deleting files in the background. It apparently targets many important files types such as exe, bat, xls, mp3 and mbx. This could mean that it deletes your mailbox, some important excel spreadsheets and executables that are needed to run the system at all.

It was first suspected that a copyright holder was responsible for the creation and spreading of the Trojan but I think this theory is highly unlikely. I’m not familiar with Japanese laws but I don’t think it would be ok to fight fire with fire in the land of the rising sun.

The Trojan seems to be clearly targeted at certain user groups which is a fair assumption if you consider the looks and feels of it.

Users should be aware that it is always dangerous to run unknown programs even with an up to date firewall and antivirus solution. It is always better to stop the urge to run a program and be on the safe side than to run it and face consequences like deleted files.

source: zeropaid

Related posts

• Youtorrent (2)
• What You Should Do After Buying A New Computer System (18)
• Torrent2exe makes Bittorrent a tad easier (4)
• Tired of fake torrents ? Block the sources (8)
• The Piratebay To Introduce Paid Subscriptions (14)

GRISOFT is announcing a new version of the AVG Anti-Virus Free Edition. This new 7.5 version with improved performance and full compatibility with the latest Windows Vista version is available. Users that are using AVG Free 7.1 will be provided with a specific dialog, within the next few weeks, with the opportunity to choose the right option fulfilling their needs. AVG Free 7.1 version will be discontinued on 15th of Jan 2007. 

In case that you are still looking for an antivirus solution other than AVG Free I recommend Antivir which is completely free for personal use. I have been using Antivir for some time now and have not encountered serious issues as of now. I would say that a successful solution depends more on the user behind the keys than on the antivirus program that he is using.

Related posts

• Antivirus Test (5)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Clam Win Antivirus (3)
• Astalavista Top 10 Freeware Tools (2)
• Anti Virus Software Removal Tools Overview (10)

They used one virus file which is about 50 megs unzipped and contains more than 10000 virii. The software that found the most got their recommendation which is not the best criteria if you ask me. There should be other factors like system resource use (never use Norton if you want a fast system), updates, type of virii found aso. But its a good test to see how your favorite AV handles this infested files.

Related posts

• AVG-Antivirus will continue to be free (2)
• Test your Anti-virus program (10)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Free Kaspersky Anti-Virus for 1 year (59)
• Clam Win Antivirus (3)

The interesting part is the analysis of the mail. He dissects every part of the message and of course takes a look at the email header as well. The analysis ends with an advice (which he puts at the beginning of his essay) which should be common sense nowadays.

1. You need effective technology to protect you from the many unscrupulous people out there on the Internet who want to damage your systems, scam you or generally subvert your computing resources for their own ends.

2. Security via technology alone is not sufficient to combat the cyber criminals who are out to get you, your business, and your computers. You need to be aware of what is going on around you and take control of the situation before you are compromised. Just as Ignorance of the law is no excuse, ignorance of your computing environment can also land you in deep trouble.

My personal suggestion for you is to switch to a secure email program if you are still using Microsoft outlook. Mozilla Thunderbird, Opera Email and many others are not attacked that often and have better options to improve security.

Related posts

• What You Should Do After Buying A New Computer System (18)
• Test Avira AntiVir PersonalEdition Premium for 6 months (10)
• Say no to Drugs Virus (0)
• Recover Computer System After Malware Infection (7)
• Overview of Online Virus Scanners (5)

The program is easy to download and install which is also a plus, just download, double click on the downloaded tool and you are ready to go. You have the option to include different languages, the source and add windows explorer and outlook integration. I´am not using Outlook so I removed this option and left everything else untouched for now.

The user interface is a basic one, you don´t have all the nifty graphics most other antivirus programs use. Clam is simply in that way, but its also fast due to this. I don´t care about looks if a program does what I expect it to do, but I know there are lots of people who like a resource eating monster like Symantec Internet Security more than a freeware program without the cool animated effects.

You have lots of configuration options, you can set filters, email alerts, schedule scans and use a proxy for the automatic internet updates if you like. Automatic updates are a great plus for Clam, my current antivirus software that I use (AVG) does not have automatic updates, you have to start the updates manually which is a great hassle. Especially when you don´t know if there has been a update at all.

What I don´t like about Clam is that its only having a plugin for outlook which is the most used email software of course but should not be used by anyone serious about making his pc more secure.

I can recommend Clam Win especially to users of Microsoft Outlook and users who tend to forgot to check for internet updates of their antivirus software. Resources accessed are minimal which is also a good thing for an anti-virus product.

Related posts

• AVG-Antivirus will continue to be free (2)
• Norton Antibot Free 1 Year License (15)
• Can’t delete virus ? Try Killbox (3)
• AVG 8 Update Marked User32.dll As Virus Infected (25)
• Antivirus Test (5)

I will explain the basics of securing your computer, will tell you what you need to secure it and give you alternatives if there are any. But first of all, all programs that I name will be freeware or open source. We want a secure computer but don´t want to pay hundreds of $$ for it. There will also be some geeks who will comment that program XY is way better and pro than the program I named and that only people with no security understanding whatsoever will use. Don´t listen to them, there are many factors that play a role in selecting a suitable software. I tried to find the best mix between security and user friendliness.

I will recommend the following type of programs for your personal computer: Anti-Virus, Anti-Spyware, Rootkit Checker, Autorun Checker and Process Checker.

Wait, no Firewall ? Yes no firewall, I will give you a short answer why there will be no firewall. This seems unusual but just wait a little more and you will know.

Before we start, let me give you a short advice. Running all these tools in the background does not make your system secure. Its more secure yes, but not totally. Therefor you should still use common sense when you do something on the internet, e.g. don´t click on mail attachments that are unknown to you aso.

Lets Start:

Anti-Virus:

There are unfortunately thousands of free anti-virus products out there, what we need is the following. It should be up to date, have internet updates and use few resources.

I suggest Antivir Personal Edition, its free, always up to date, uses only few resources and has a very good virus recognition rate. Alternatives would be Avast Antivirus and AVG Free Edition

Anti-Spyware:

Ad-Aware SE Personal, small and good, enough said. As an alternative Microsoft’s own Spyware Tool.

Rootkit-Checker:

Everyone knows about Rootkits since the Sony debacle but only a few know how to check their pc for a rootkit. Rootkit Revealer from Sysinternals does the job. Run this tool from time to time, its not necessary to run it all the time.

Autorun Checker:

There are numerous places that can hold programs that autorun at startup, its a hassle to check them manually. Run a autorun checker from time to time to check on all places and programs and disable the ones you won´t need. Your system will probably boot faster if you disable some.

I suggest Autoruns 8.4 from Sysinternals.

Process Checker:

Process Explorer from sysinternals tells you which handles or dll process have opened or loaded, small great tool.

No Firewall ?

The reasoning behind this is pretty simple. A software firewall gives the user a false sense of security. If you look up bugtraq for example you see lots and lots of firewall vulnerabilities. Every software that runs on your system raises the danger of exploits and backdoors. Many trojans and worms already know ways to bypass firewall systems and use save routes (that means use programs that are safe to use for the firewall) to execute their malicious code.

Another problem that occurs is that if a malicious tool is installed with admin rights it could alter firewall functions. You find a simple code on netfirms.com that does press the YES button of Zonealarm automatically. There are of course other more serious possibilities.

The conclusion would be, that firewalls are not secure and malicious code can find ways around the firewall and even manipulate it. Therefor i suggest you don´t use a firewall but do something different.

I suggest you download this small tool called Shutdown Windows Servers and run it on your system. This should be sufficient to avoid most of the nasty worms and trojans that float around lately without the use of a firewall. .Common sense of course applies

Related posts

• AVG-Antivirus will continue to be free (2)
• Astalavista Top 10 Freeware Tools (2)
• Zombie City Tactics (0)
• Why Hackers take advantage of global events (0)
• Who is connected to your pc right now ? (6)