Wednesday, October 15, 2008

Norton AntiVirus 15.5.0.23


Title: Norton AntiVirus 15.5.0.23
Filename: NAV081550.exe
File size: 62.10MB (65,119,392 bytes)
Requirements: Windows XP/2003/Vista/XP64
License: Commercial Trial
Date added: March 22, 2008
Author: Symantec (www.symantec.com)
Homepage: www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=nav2007

Symantec - 62.10MB (Commercial Trial)
Stay protected with the world's most trusted antivirus software.

Whether it's while you are surfing or chatting, emailing or file swapping, Norton AntiVirus wards off a host of Internet threats. It automatically detects and removes viruses, rids your computer of unwanted spyware, and scans email and IM attachments for threats.

  • Detects and removes viruses and spyware
  • Blocks spyware and worms automatically
  • Prevents virus-infected emails from spreading
  • Finds and removes hidden threats
  • Includes protection updates and new product features as available throughout the renewable service period
  • On-going Protection keeps your computer protected from the latest Internet risks by automatically renewing your subscription at the regular subscription price (plus applicable tax), so you don't have to.
This version is a free 15 day trial.

3 steps to fight Malware


1. Malwarebytes' Anti-Malware is a full-blown anti-malware program that has recently left the labs and can be considered the next step in the detection and removal of malware. The Malwarebytes team put together a host of new technologies that were specially designed to quickly detect, deter and destroy any malware that could reside on your computer.

Malwarebytes' Anti-Malware monitors every process and stops malicious processes before they even start. It uses a technology that is a completely novel way of heuristic scanning, and it is the team's response to increasingly complex malware threats. As with Malwarebytes' RogueRemover, a threats center has also been added: you can check online which pests are removed the most and thus are the most prevalent.

Download: Malwarebytes Anti-Malware 1.27
Homepage: Malwarebytes


2. SUPERAntiSpyware is an anti-spyware program that is known for taking care of a majority of the malware that most other scanners miss. Besides protecting the browser's home page, it can repair more than 20 other settings that malware changes to reduce a system's security. These include restoring the security settings for the Internet Explorer Internet Zone, restoring the normal Windows Explorer shell, and restoring access to the Windows Task Manager.

Download: SUPERAntiSpyware 4.21.1004




3. FREE Dr.Web CureIt! Utility
Version 4.44 - advanced protection

This is a FREE anti-virus and anti-spyware utility based on Dr.Web Anti-virus scanner, which will help you quickly scan and cure,

Dr.Web CureIt! detects and removes
Rootkits, mass-mailing worms, e-mail viruses, peer-to-peer viruses, Internet worms, file viruses, Trojans, stealth viruses, polymorphic viruses, bodiless viruses, macro viruses, MS Office viruses, script viruses, spyware, spybots, password stealers, keyloggers, paid dialers, adware, riskware, hacktools, backdoors, joke programs, malicious scripts and other malware.

Site: http://www.freedrweb.com/cureit/
Below is the direct link; save it to your computer and then run it.
ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

Free Tools for Fighting With Malware

Try these programs to detect any kind of malware on your system.

Anti-Virus:
Avira AntiVir PersonalEdition Classic
AVG Anti-Virus Free
Free avast! 4 Home Edition

OnLine Anti-Virus:
Trend Micro
Panda Software
F-Secure
ESET

Anti-Malware:

Malwarebytes' Anti-Malware
Dr.Web CureIt

OnLine Trojan Scan:
TrojanScan

Spyware/Adware Tools:
Spybot S & D
IE-SPYAD
MVPS HOSTS File
SpywareBlaster
HijackThis

Firewall:
Sunbelt Personal Firewall
ZoneAlarm firewall
Agnitum Outpost Free

Tutorials:
How did I get Infected?
Internet Explorer Privacy & Security Settings

Sunday, October 12, 2008

Dr. Web CureIt

We need to run a system scan with Dr. Web CureIt (Dr.Web CureIt tutorial)
  1. Please download DrWeb-CureIt & save it to your desktop.
    DO NOT perform a scan yet.

  2. Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". Do not select "Safe Mode with Networking" or "Safe Mode with Command Prompt".

  3. Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.

  4. Under "Start the Express Scan Now", click "OK" to start. This is a short scan of the files currently running in memory; when something is found, click the Yes button when it asks whether you want to cure it.

  5. Once the short scan has finished, Click Options > Change settings

  6. Choose the "Scan" tab and UNcheck "Heuristic analysis".

  7. Back at the main window, click "Custom Scan", then Select drives (a red dot will show which drives have been chosen).

  8. Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.

  9. When done, a message will be displayed at the bottom advising if any viruses were found.

  10. Click "Yes to all" if it asks if you want to cure/move the file.

  11. When the scan has finished, check whether you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
    (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)

  12. Next, in the Dr.Web CureIt menu at the top, click "File" and choose "Save report list".

  13. Save the DrWeb.csv report to your desktop.

  14. Exit Dr.Web Cureit when done.

Clean up tools to prevent people from tracing your internet surfing

CleanUp!, the quickest and easiest way to delete temporary files from your system.

CleanUp! is a powerful and easy-to-use application that removes temporary files created while surfing the web, empties the Recycle Bin, deletes files from your temporary folders and more.
http://www.stevengould.org/software/cleanup/

Download ATF Cleaner by Atribune:
http://www.atribune.org/ccount/click.php?id=1

Double-click ATF-Cleaner.exe to run the program.
Click 'Select All' found at the bottom of the list.
Click the 'Empty Selected' button.

If you use Firefox browser, do this also:
Click Firefox at the top and choose 'Select All' from the list.
Click the 'Empty Selected' button.
NOTE:
If you would like to keep your saved passwords, please click 'No' at the prompt.

If you use Opera browser, do this also:
Click Opera at the top and choose 'Select All' from the list.
Click the 'Empty Selected' button.
NOTE:
If you would like to keep your saved passwords, please click 'No' at the prompt.

Click 'Exit' on the Main menu to close the program.

CCleaner

Install and run CCleaner, a freeware system optimization and privacy tool. It removes unused files from your system, allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history.
http://www.ccleaner.com/
Download CCleaner here
CCleaner Tutorial
http://forum.ccleaner.com/index.php?showtopic=1504

*NOTE* CCleaner deletes EVERYTHING out of temp/temporary folders and does not make backups.

Let's empty the temp files:

Run CCleaner.

CAUTION: Please do NOT use the Issues or Registry button. This is a built-in registry cleaner. If you don't know how to use it, you may cause irreparable damage to your system.

1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free Basic version instead of the Standard Build.

2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:
Clean all entries in the "Internet Explorer" section except Autocomplete Form History.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section except for Start Menu Shortcuts and Desktop Shortcuts.
Clean any others that you choose.

In the Applications Tab:
Clean all including cookies in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

If it asks you to reboot at the end, click NO.

CCleaner should be run with the above settings for each User Account!

CCleaner (formerly Crap Cleaner) is a freeware system optimization and privacy tool. It removes unused and temporary files from your system - allowing Windows to run faster, more efficiently and giving you more hard disk space. The best part is that it's fast! (normally taking less than a second to run) and Free.

Cleans the following:
  • Internet Explorer Cache, History, Cookies, Index.dat.
  • Recycle Bin, Temporary files and Log files.
  • Recently opened URLs and files.
  • Third-party application temp files and recent file lists (MRUs).
    Including: Firefox, Opera, Media Player, eMule, Kazaa, Google Toolbar, Netscape, Office XP, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and more...
  • Advanced Registry scanner and cleaner to remove unused and old entries.
    Including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... Backup for registry clean.
  • Windows Startup tool.

Google Chrome acts as a keylogger

About 2% of the time, however, the keystrokes are recorded, along with associated data such as the IP address of the user who entered those keystrokes.

"Users were faced with Google retaining all of their search logs and all of the URLs they were typing."

Reacting to criticism that its new Chrome browser was essentially acting as a keylogger, potentially recording users' every keystroke, Google Inc. yesterday said it would render anonymous the data it collects from the browser within 24 hours.

Asus admits Eee Box mini PC shipped with virus

Asus has admitted that some of its Eee Box desktop mini PCs have shipped with a virus.

But while the company has only admitted the infection was present in machines shipped to Japan, Register Hardware can confirm that other territories may be affected too.

According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition. When the drive is opened, the virus activates and attempts to infect the C: drive and any removable drives connected to the system.

According to Symantec, the malware is likely to be the W32/Usbalex worm, which creates an autorun.inf file to trigger recycled.exe from D:.

Separately, we've been testing the Eee Box this week, and discovered our review unit came loaded with the W32/Taterf worm - aka W32.Gammima.AG, aka kavo.exe malware that sniffs out online gaming usernames and passwords.

Fortunately, the infection was spotted and removed by Microsoft's most recent malware removal tool update.

Coincidence? That seems likely, given the different virus and the fact that the disk image used to prepare the Japanese Eee Boxes will almost certainly be different from the one used to image English-language product.

But at this stage it remains unclear whether the infection we found was present from the start, or accidentally added by a previous reviewer.

Trend virus update freezes some PCs

Problems with antivirus updates from Trend Micro left some users with unusable computers late last week.

The signature update, pushed out on Friday morning, incorrectly identified key Windows system files as being infected with a Trojan. The security software quarantined these important files leaving users with unstable systems. Trend later fixed the problem by issuing updated signature definition files that avoided the false positive.

For affected users that was far from the end of their worries. They were still left with the hassle of repairing Windows and (perhaps) reinstalling their security software.

Consumers were hardest hit by the glitch, which affected users of Trend Micro Internet Security, Trend Micro Internet Security Pro and Trend Micro AntiVirus. In an advisory to customers forwarded to The Register, Trend Micro said that a small number of consumers were hit by the snag and explained that the faulty update "inaccurately identified certain files as malicious and quarantined them". It admitted that this might cause system instability.

In response to queries from El Reg, prompted by reader emails, Trend Micro issued a statement:

On 5th September 2008 at 02h00 GMT, a false alarm was triggered in Trend Micro Internet Security caused by a new pattern file that had been issued. Specifically the inclusion of pattern Troj_Generic.ADV issued within Official Pattern Release (OPR) version 5.525.50 quarantined several Microsoft Windows DLLs.

In mitigation we removed the detections in question and at 12h15 GMT on 5th September, OPR 5.527.50 was released that resolved this issue. Customers who downloaded OPR 5.525.50 needed only to update to the latest OPR. All other customers who updated thereafter received the latest OPR.

Oh Lordy it's happened again

Anti-virus updates misidentifying legitimate files as suspect are a well known Achilles' Heel of anti-virus scanner software. Issues crop up periodically at roughly the same frequency Premiership football managers and club chairmen fall out.

The results can be just as ugly.

It's hard to think of a security firm that hasn't had problems in this area, and Trend is no exception. The issue gets far more messy, as in the latest Trend Micro case, when system files are incorrectly flagged up as malware.

Reg reader Antonin, based in France, explained the problem in greater depth.

"Trend Micro release a new signature file which decided that explorer.exe and several other system files had a "Troj Gen Adv" and should be quarantine. After the cleanup, a reboot was advised and after the reboot, chaos started," Antonin explained.

"Logon was OK but there was no taskbar, Trend Micro and several other application would not load automatically, Excel and Word and any other application would start but after clicking [I received] several error messages, services menu was corrupted and windows was very unstable. Restore would not work and install/uninstall would not neither," he added.

Antonin was eventually advised by Trend Micro to repair Windows before uninstalling and reinstalling Trend Micro.

The net security firm is continuing to investigate the issue. "To date Trend Micro UK have received thirty-five calls to our technical support teams in relation to this issue and TrendLabs is investigating the incident further to determine root cause and remediate," said Rik Ferguson, senior security advisor at Trend Micro.

Saturday, October 11, 2008

Peek-A-Boo: A method to remove virus out of your USB drive without getting infected!

Scenario: You have a USB drive in your hand and are scratching your head over whether to insert it into your PC or not (in the style of to-do-or-not-to-do), because you know it has viruses and you can't format it either because of the all-important data. So this is where I step in, or rather this post steps in. (It has legs, mind you.)

OK. I will make all the work easy for you. Just follow the following steps.

First Download TREE SIZE PROFESSIONAL from the publisher site.

OR Download TREE SIZE PROFESSIONAL from CNET

The above mentioned software shows the space usage of your drives in graphical format.

As you know, viruses get activated when you access the USB drive. But if TREE SIZE accesses the USB drive, the virus is not activated. So I thought of playing peek-a-boo and catching the virus unawares (not in your hand, of course) by exploring the space usage and then deleting it.

After you install it, right-click the USB drive and view the listing. You will see a screen like this.

Now you can identify the virus, provided you know beforehand what files were on your pendrive.

Now delete the virus: right-click the file and choose delete.
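
The Eee Box report earlier on this page describes a worm that uses an autorun.inf file to trigger recycled.exe, and this post is about looking at a drive before opening it. The same check can be scripted so that the drive is only read, never opened in Explorer. This is an added example, not part of the original post; the sample autorun.inf content, the placeholder files and the function names are constructed for illustration.

```python
import os
import re
import tempfile

# Windows attribute bits reported in os.stat().st_file_attributes.
FILE_ATTRIBUTE_HIDDEN = 0x2
FILE_ATTRIBUTE_SYSTEM = 0x4

# [autorun] keys whose value is a program that Windows will start.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

# Constructed sample; only the two file names come from the article above.
SAMPLE_INF = r"""[AutoRun]
; constructed example
open=recycled.exe
shell\open\command=recycled.exe
shell\explore\command="recycled.exe" /e
icon=%SystemRoot%\system32\shell32.dll,4
"""


def parse_autorun(text):
    """Return {key: value} from the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_targets(entries):
    """Map each launching key to the program it names (arguments dropped)."""
    targets = {}
    for key, value in entries.items():
        if LAUNCH_KEY.match(key):
            m = re.match(r'"([^"]+)"|(\S+)', value)
            if m:
                targets[key] = (m.group(1) or m.group(2)).lstrip("\\/")
    return targets


def audit_drive(root):
    """Read-only inspection of a drive root; nothing on it is executed."""
    names = {n.lower(): n for n in os.listdir(root)}
    hidden = sorted(
        n for n in names.values()
        if getattr(os.lstat(os.path.join(root, n)), "st_file_attributes", 0)
        & (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)
    )
    launches = {}
    inf = os.path.join(root, names.get("autorun.inf", "autorun.inf"))
    # Some tools create a *folder* named autorun.inf; only a file is parsed.
    if os.path.isfile(inf):
        with open(inf, "r", errors="replace") as fh:
            targets = launch_targets(parse_autorun(fh.read()))
        for key, target in targets.items():
            top = target.replace("\\", "/").split("/")[0].lower()
            launches[key] = {"target": target, "present": top in names}
    return {"hidden": hidden, "launches": launches}


def demo():
    """Build a constructed drive root in a temp folder and audit it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "autorun.inf"), "w") as fh:
            fh.write(SAMPLE_INF)
        # Empty placeholder standing in for the worm binary.
        open(os.path.join(root, "recycled.exe"), "wb").close()
        return audit_drive(root)


if __name__ == "__main__":
    print(demo())
```

On Windows, pass the drive root (for example `audit_drive("E:\\")`) to see which files carry the hidden or system attribute and which programs autorun.inf would start.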

Monday, October 6, 2008

Orkut worm feeds on scraps

From social networking to social engineering

Malware authors have written a worm for Orkut, the Google-owned networking site that's big in Brazil.

The Scrapkut worm uses active code injection to spread between victims and their friends on Orkut. The malicious code appears on a victim’s scrapbook, containing a link to a supposed YouTube video.

People who click on the link are redirected to an external site hosting malware that's disguised as a Flash upgrade. Users duped into installing the software get malicious Javascript code injected into their next active Orkut web session. This malicious scrapbook entry is then sent to all the victims' friends, recommencing the infection cycle.

An analysis by Symantec can be found here.

Judging by the counter on a web page associated with the malware (not the most reliable of indicators) about 13,000 users are already infected by the Scrapkut worm, which isn't - for now - doing anything particularly nasty other than spreading.

By contrast, an earlier worm that spread across the Orkut network last December infected an estimated 655,000 people. Google plugged the cross-site scripting (XSS) error that made the attack possible hours later, thwarting further propagation of that fast-spreading worm.

YouTube fake tool dumbs down malware distribution

Nothing on the internet is real, man

Miscreants have created a tool that dumbs down the process of using fake YouTube websites to spread malware.

The YFakeCreator tool allows budding VXers to set up a fake site and configure options such as the properties of a supposed video. Typically users are required to download a fake codec to view content, which is not actually on offer. The codec contains the malware payload which can be anything from adware to a Trojan.

The tool also includes the ability to set up a fake error message in a bid to disguise any attack.

Would-be virus writers would still need to mount a spam campaign in order to dupe prospective marks into visiting sites created by YFakeCreator, but the tool does reduce the overall work needed to mount an attack.

The tool was spotted by net security firm Panda Security which has published a full write-up, including screenshots of the tool, here. Panda discovered the tool on underground hacking forums.

YFakeCreator is far from an isolated example of tools that remove the need to understand coding from the task of malware distribution. For example, Panda found a tool that can turn any executable file into a worm on underground forums back in June.

Some anti spyware tips

Microsoft AntiSpyware is now Windows Defender

[working-freeware from Microsoft]
http://www.microsoft.com/athome/security...
Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.

a-squared trojan remover (Free Working Version for life and Proactive Premium Version)
http://www.emsisoft.com/en/software/free...
a-squared (a-squared) is a complementary product to antivirus software and desktop firewalls on MS Windows computers. Antivirus software specializes in detecting classic viruses. Many available products have weaknesses in detecting other malicious software (Malware) like Trojans, Dialers, Worms and Spyware (Adware). a-squared fills the gap that malware writers exploit. Automatic updates: In a-squared Free the updater must be run manually. The auto-update feature of a-squared Personal checks hourly for new available updates and installs them automatically. a-squared Free is freeware!

a-squared Anti-Dialer [working-freeware]
http://www.emsisoft.com/en/software/anti...
No chance for the Dialer rip off! Protect your PC with a-squared Anti-Dialer from manipulated dial up connections, which can cause a phone bill of several hundred dollars quickly. a-squared Anti-Dialer provides a complete defense against Dialers. Scan all files on your harddisks for Dialer behavior using the Dialer scanner. The integrated background guard protects the PC from new infections. As soon as a potential Dialer creates or manipulates a dial up connection, the a-squared Anti-Dialer will alert it.

Trend Micro RootkitBuster (popular) [working-freeware]
http://www.softpedia.com/get/Antivirus/T...
Trend Micro RootkitBuster is a rootkit scanner that offers ability to scan for drivers, registry entries, processes, hidden files and hooked system service. Trend Micro RootkitBuster also includes the cleaning capability for hidden files and registry entries. License: Freeware / OS: Windows All

AVG Anti-Rootkit Free [working-freeware]
http://free.grisoft.com/doc/download-fre...
AVG Anti-Rootkit Free is a powerful tool with state-of-the-art technology for the detection and removal of rootkits.

F-Secure Blacklight (Rootkit Scanner, Vista) [working-freeware]
http://www.f-secure.com/security_center/
F-Secure Blacklight is available free. Provides detection and removal of common rootkits. Commandline version available. Also supports Windows Vista (32-bit only). A standalone BlackLight Utility can be downloaded from our Security Center.

AVG Anti-Virus Free Edition [working-freeware]
Download, Information at this website :
http://www.download.com/AVG-Anti-Virus-F...
http://www.grisoft.com/
AVG Free Edition is the well-known antivirus protection tool. AVG Free is available free of charge to home users for the life of the product. Rapid virus database updates are available for the lifetime of the product, thereby providing the high level of detection capability that millions of users around the world trust to protect their computers. AVG Free is easy to use and will not slow your system down (low system resource requirements). Highlights include automatic update functionality, the AVG Resident Shield, which provides real-time protection as files are opened and programs are run, free Virus Database Updates for the lifetime of the product, and AVG Virus Vault for safe handling of infected files.

ClamWin Free Antivirus [Open Source - working freeware]
http://www.clamwin.com/
ClamWin is a Free Antivirus for Microsoft Windows. ClamWin Free Antivirus comes with an easy installer. You may download and use it absolutely free of charge. It features: High detection rates for viruses and spyware; Scanning Scheduler; Automatic downloads of regularly updated Virus Database. Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer; Addin to Microsoft Outlook to remove virus-infected attachments automatically. The latest version of Clamwin Free Antivirus is 0.88.2.3 . Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.


LAST - CHECK THIS .... botnets install backdoor downloaders.
Online Tool Developed to Check for Botnet Activity 
BotnetChecker.Com
Go To: http://botnetchecker.com/
PRWeb via Yahoo! News Wed, 12 Dec 2007 5:00 AM PST
http://news.yahoo.com/s/prweb/20071212/b...
It is estimated that 1 in 4 computers on the internet today are part of a botnet. After observing bot activity from thousands of compromised computers, local administrator develops easy way to check for botnet activity

Fake Windows XP Activation Trojan Wants Your CVV2 Code

In a self-contradicting social engineering attempt, a malware author is offering for sale a DIY fake Windows XP activation builder (an updated version of Kardphisher) which, despite claiming "We will ask for your billing details, but your credit card will NOT be charged", requests and remotely uploads all the credit card details required for successful credit card theft.

Perhaps among the main reasons why such simplistic social engineering attempts never scaled in a "malicious economies of scale" approach, is because sophisticated crimeware kits capable of obtaining the very same data automatically, started leaking for everyone to start taking advantage of - including yesterday's cybercriminals using such DIY fake message builders.

Moreover, according to recently released survey results, end users cannot distinguish between fake popups and real ones, and on their way to continue doing what they were doing, click OK on that pesky warning message telling them that they're about to get infected with malware. Taking into consideration the fact that the popup windows the researchers used look like cheap creative compared to the high-quality GUIs of the average fake security software, it is perhaps worth restating the research questions along the lines of: what motivates end users to install an antivirus application going under the name of Super Antivirus 2009 or Mega Virus Cleaner 2008? The fact that the fake status bar is telling them that they're infected with 47 spyware cookies, or the fact that they ended up at the fake site while browsing their trusted web services?

The increase of rogue security software domains is happening due to the high payout affiliation based model, the standardized creative allowing the participants to come up with their own fake names if they want to, and due to the fact that the fake security threats scareware approach seems to be perfectly taking advantage of the overall suspicion on the effectiveness of their legitimate security software.

Friday, October 3, 2008

AIO Antivirus 2008



The collection of various antiviruses | 268 MB


AIO Antivirus 2008 by BenditooO :
Solo Antivirus 2008
Includes:
avast! 4.7 Pro
AVG 7.5 build 516
Bit Defender Total Security (Spanish)
Panda Antivirus 2008
ZoneAlarm Anti-virus 7.0.462.000
ZoneAlarm Security Suite 7.0.462.000
Kaspersky Internet Security 7.0.0.125
Kaspersky Anti-Virus 7.0.0.125


============================================================================

http://rapidshare.com/files/143926973/AIO_Antivirus_2008_v2_byakki.part1.rar
http://rapidshare.com/files/143927598/AIO_Antivirus_2008_v2_byakki.part2.rar
http://rapidshare.com/files/143927921/AIO_Antivirus_2008_v2_byakki.part3.rar
http://rapidshare.com/files/143955105/AIO_Antivirus_2008_v2_byakki.part4.rar
http://rapidshare.com/files/143955412/AIO_Antivirus_2008_v2_byakki.part5.rar
http://rapidshare.com/files/143939783/AIO_Antivirus_2008_v2_byakki.part6.rar


password :
akki-rocks
============================================================================