Threat Killer v1.7.2 – Novirusthanks.org
December 26, 2010 by Rahulmg [Admin]
Filed under Removal Tips,Tools and Videos

Scriptable malware remover engine that can remove any malware by running custom scripts.
Threat Killer is a fully-scriptable malware remover able to remove persistent files, kernel drivers installed by rootkits, registry keys and values, terminate processes (even if critical), delete an entire folder (including recursively) and much more by executing custom scripts.
The scripts are executed at runtime, so you should be able to remove a specific piece of malware without rebooting the computer; however, removing particularly persistent malware may still require a reboot.
It is strongly recommended to use Threat Killer only under qualified supervision; certain misuses of this program can create problems on your system.
New Windows zero-day flaw bypasses UAC
November 26, 2010 by admin
Filed under Security News
A new zero-day exploit in Microsoft Windows was disclosed today. The exploit allows an application to elevate privilege to “system,” and in Vista and Windows 7 also bypass User Account Control (UAC). The flaw was posted briefly on a programming education site and has since been removed.
The exploit takes advantage of a bug in win32k.sys, which is part of the Windows kernel. The flaw is related to the way in which a certain registry key is interpreted and enables an attacker to impersonate the system account, which has nearly unlimited access to all components of the Windows system. The registry key in question is under the full control of non-privileged users.
The flaw appears to affect all versions of Windows back to at least Windows XP, including the latest Windows 2008 R2 and Windows 7 systems. On its own, this bug does not allow remote code execution (RCE), but does enable non-administrator accounts to execute code as if they were an administrator.
There is one mitigation I discovered while researching this exploit. Unfortunately it is somewhat complicated. To prevent the flaw from being exploited you can perform the following actions:
- As an Administrator open Regedit and browse to HKEY_USERS\[SID of each user account]\EUDC
- Right-click EUDC and choose permissions
- Choose the user whose account you are modifying and select Advanced
- Select Add and then type in the user’s name and click OK
- Click the Deny checkbox for Delete and Create Subkey
- Click all the OKs and Apply buttons to exit
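
The same permission change can be audited and applied from a script instead of clicking through Regedit for every account. This is an added example, not code from the original post: `Set-EudcDeny` is a hypothetical helper name, it assumes an elevated PowerShell session, and the choice to let the deny entry inherit to subkeys is an assumption because the post does not state a scope.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell prompt.
# Set-EudcDeny is a hypothetical helper name. Without -Apply it only reports state.
function Set-EudcDeny {
    param([switch]$Apply)

    # The two rights the post says to deny on the EUDC key.
    $rights = [System.Security.AccessControl.RegistryRights]'Delete, CreateSubKey'

    # Only hives currently loaded under HKEY_USERS are visible here;
    # accounts that are not logged on are not covered by this pass.
    $sids = Get-ChildItem -Path 'Registry::HKEY_USERS' |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object { $_.PSChildName }

    foreach ($sid in $sids) {
        $path = "Registry::HKEY_USERS\$sid\EUDC"
        if (-not (Test-Path -Path $path)) {
            [pscustomobject]@{ Sid = $sid; State = 'NoEudcKey' }
            continue
        }

        $acl = Get-Acl -Path $path
        $id  = New-Object System.Security.Principal.SecurityIdentifier($sid)

        # Look for an explicit deny entry for this user that already covers both rights.
        $present = $acl.GetAccessRules($true, $false, [System.Security.Principal.SecurityIdentifier]) |
            Where-Object {
                $_.AccessControlType -eq 'Deny' -and
                $_.IdentityReference.Value -eq $sid -and
                ($_.RegistryRights -band $rights) -eq $rights
            }

        if ($present) {
            $state = 'AlreadyDenied'
        }
        elseif ($Apply) {
            # ContainerInherit mirrors regedit's "This key and subkeys" scope
            # (assumed; the post does not say which scope to use).
            $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
                $id, $rights, 'ContainerInherit', 'None', 'Deny')
            $acl.AddAccessRule($rule)
            Set-Acl -Path $path -AclObject $acl
            $state = 'DenyAdded'
        }
        else {
            $state = 'Missing'
        }
        [pscustomobject]@{ Sid = $sid; State = $state }
    }
}

Set-EudcDeny            # audit only: lists each loaded user hive and its state
# Set-EudcDeny -Apply   # add the deny entry where it is missing
```

Running the audit form again after `-Apply` should report `AlreadyDenied` for every loaded hive; the entry can later be removed in Regedit or with the ACL object's `RemoveAccessRule` method.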

The registry keys being changed by this mitigation should not impact a user’s ability to use the system, but changing permissions related to Windows code page settings may cause problems with multilingual installations. In my testing it appears problem-free, but I have only had an hour or two to test. Use at your discretion.
The good news? For this to be exploited, malicious code that uses the exploit needs to be introduced. This means your email, web, and anti-virus filters can prevent malicious payloads from being downloaded. Keep an eye on the Naked Security blog for more information as we learn more about this flaw.
Update: Sophos detects the proof of concept as Troj/EUDPoC-A. Stay tuned for further details as they become available.
I’ve also created this video showing how it works and what you can do.
by Chester Wisniewski @ nakedsecurity.sophos.com
What’s my computer doing? Free software to monitor H.D. and CPU processes
May 27, 2010 by admin
Filed under Protection Tools

The free software “What’s my computer doing?” tells you why. It shows all programs (with details!), that are accessing your hard disk or using the CPU. Furthermore you have the option to close these programs or even uninstall them.
System requirements
Windows 7, Vista, 2003, XP, 2000, NT
Critical security updates from Microsoft and Adobe
May 12, 2010 by admin
Filed under Security News
It was “Patch Tuesday” yesterday, which means another parcel of security updates for computer users to unwrap, and this time the fixes aren’t just from Microsoft, but from Adobe too.
First on the menu is Microsoft, which has served up two security bulletins detailing vulnerabilities that could be exploited by hackers to execute malicious code (such as a worm) on your computer.
The first of these security holes exists in Outlook Express, Windows Mail, and Windows Live Mail. Microsoft’s Security Research & Defense blog goes into some detail about the vulnerability, explaining that although the security hole is given a “critical rating” on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008, it is considered less serious for Windows 7 users as Windows Live Mail is not installed by default on that platform.
The other patch from Microsoft addresses a vulnerability in Visual Basic for Applications, a component used by Microsoft Office and other third-party products. Microsoft has given this security update its highest possible rating – “Critical” – for all supported versions of Microsoft Visual Basic for Applications SDK and third-party applications that use Microsoft Visual Basic for Applications. It is also rated “Important” for all supported editions of Microsoft Office XP, Microsoft Office 2003, and the 2007 Microsoft Office System.
Next up is Adobe, who have released patches to squash over 20 security vulnerabilities in its Shockwave and ColdFusion products.
The critical vulnerabilities identified in Adobe Shockwave Player 11.5.6.606 and earlier versions impact both Windows and Macintosh users, and could allow attackers to run malicious code on your computer.
Adobe recommends that users update their version of Adobe Shockwave Player to version 11.5.7.609.
Details of the ColdFusion vulnerabilities, classed as “important”, are provided in Adobe Security Bulletin APSB10-11.
Enough of waffle. Download and install the patches if your computer is affected.
By Graham Cluley, Sophos
Free Zemana AntiLogger for EVERYONE By Softpedia.com (Today Only)
March 14, 2010 by admin
Filed under Protection Tools
“Zero-Day” (aka “0-day”) is fast becoming the most feared buzzword in the computing world, and detection delays while suspected malicious files are analyzed and “fingerprints” are generated mean that new threats which can attack and compromise your computer even if you have the latest up-to-date anti-malware software installed might be running around the Internet undetected for hours, or even days.
Zemana AntiLogger is designed to protect your computer against such attacks. No matter which anti-malware program you’re currently using, you need the added protection of Zemana AntiLogger!
AntiLogger is dramatically different from traditional products that rely heavily on “fingerprints” created by lab analysts and researchers to detect malware. It doesn’t need “signature updates”. It understands how malware attacks your computer, and its unique technology detects malicious programs when they try to run on your PC and shuts them down BEFORE they can steal your identity or your confidential information.
- Bank online and perform other financial transactions safely and securely.
- Defeat malware programs that seek to capture your sensitive data before it’s encrypted.
- Actively monitor and shut down keyloggers, SSL banker trojans, spyware, and other malware.
- Defend against programs that other antivirus protection apps let through.
- Does not slow down your PC.
- Windows Vista/XP/7 compatible.
Giveaway Offer In Collaboration With Softpedia.com
Type: Free Giveaway Offer ($34.00 To Buy)
File Size: 6.00 MB (About 30 seconds on broadband connection)
Requirements: Windows XP/Vista/Windows 7 (32-Bit)
Version: 1.9.2.185
The offer is still running.
New ClamAV for Windows Powered By ( immunet and sourcefire )
March 7, 2010 by admin
Filed under Protection Tools

The new ClamAV for Windows is the result of a partnership between Immunet Corporation (http://www.immunet.com) and Sourcefire, Inc. (http://www.sourcefire.com). It is designed to provide the ClamAV community with a free Windows-specific Anti-Virus (AV) solution using an advanced Cloud-based protection mechanism. You can use ClamAV For Windows as a stand-alone, host-based AV solution, or in conjunction with your pre-installed AV solution to provide enhanced detection for the latest malware threats.
Say goodbye to the days of watching AV software drain your memory and processing speed. Immunet’s unique Cloud-based technologies allow the ClamAV application to leverage the power of the Cloud to drive the AV engine. When you use ClamAV for Windows, you save system resources for the tasks they really want to run, like games and business applications.
ClamAV for Windows utilizes advanced Cloud-based and community-based detection methods. Developed by Immunet, these detection methods leverage the computers of your friends, family and a worldwide global community to harness their collective knowledge for securing your PC. Every time someone in this collective community encounters a threat, everyone else in the community gains protection from that same threat in real time. You no longer have to rely on the isolated security of your current Anti-Virus vendor. You are able to protect your friends and family while being better protected yourself. This is exactly what we designed ClamAV for Windows to do. By providing a fast and light layer of virus detection, and linking everyone in a global community, we harness a security sum that is far greater than its individual parts, we call this Collective Immunity.
Immunet placed ClamAV into their Cloud infrastructure alongside their Ethos detection engine, and several other detection technologies. By combining all these technologies, and utilizing the power of community-based detection, we feel we have the most effective Anti-Virus technology on the market. And it only gets better with every user that installs and utilizes our technology.
Minimum System Requirements
- Windows XP SP2, Windows Vista SP1, Windows 7
- A working Internet connection
Optional Requirements
- A Facebook account
- A Twitter account
Boost PC Performance with Comodo System Cleaner
January 15, 2010 by admin
Filed under Protection Tools

Picture a messy room. This room may be littered with trash but also contains your valued possessions. The goal is obvious: get rid of the trash without throwing away any valuables. Now imagine an ultra-powerful vacuum that will destroy anything in its path, never to be seen again. You might think twice about where to point this vacuum! Other system cleaners have the same problem as this vacuum: good stuff gets obliterated, the same as bad stuff. In an attempt to perform some much-needed system maintenance, you could wipe out files necessary to your PC’s performance! Comodo System Cleaner has made this problem obsolete. If CSC sucks in a valued possession, you can easily reach in and take it back out again. No harm done, and your computer keeps performing solidly.
Important Features of System Cleaner
Deep cleaning of your PC’s registry
After a deep registry cleaning, Windows will be able to access the information it needs from the registry more quickly, boosting both performance and stability.
Deep cleaning of your PC’s disk drive
Eliminate the clutter inevitably built up over time in your disk drive to free up space and improve performance.
Clean-up scheduling
Enter when you’d like System Cleaner to perform a deep clean so it’s convenient for you.
SafeDelete™ and Registry Protection
Use these features to backup all your files before cleaning. When cleaning is complete, you’ll be able to make sure your PC is in perfect condition before deleting for good.
Privacy cleaning
Clear out your digital trail (cookies, cache, browsing history, and more) with the privacy cleaner to keep your private information out of the hands of others.
Extensive Windows customization tool
Alter dozens of obscure and hard-to-find Windows settings easily within Comodo System Cleaner’s interface.
Download the Portable Version:
- Windows 7 / XP / Vista 32 bit (4.96 MB)
- Windows 7 / XP / Vista 64 bit (4.77 MB)
Panda’s Cloud Antivirus leaves beta behind
November 10, 2009 by admin
Filed under Security News
First introduced in beta in April, Panda Cloud Antivirus graduates to a stable, public release and signifies a major security vendor taking aim at the freeware competition–instead of the other way around. Cloud Antivirus was notable on its beta release for being one of the few security options available to users that contained most of its protections in the cloud. This allowed it to protect users while consuming significantly fewer resources than many competing programs.
Panda Cloud Antivirus 1.0 is notable as a free security solution for two reasons: Panda is a reputable security vendor, and the program achieves its goal of freeing up system resources. In a press release, Panda Security CEO Juan Santana described Cloud Antivirus as a game-changer. It’s not clear quite yet that that’s the case, but at the very least the program looks to fill a niche created by resource-conscious netbooks.
As light on resources as advertised, Cloud Antivirus offers strong reputation-based protection for those who want their security program out of sight and out of mind. A third-party efficacy evaluation wasn’t available at the time of writing, but in empirical testing the program only used 9 MB of RAM while idle, and only 56 MB of RAM when scanning. Many other security programs will run scans at 150 MB of RAM or more.
Despite keeping most of its database in the cloud, Panda Security’s Senior Research Advisor, Pedro Bustamante, noted during an interview in October that Cloud Antivirus isn’t disabled just because the host computer is disconnected from the Internet. “Panda has an offline mode that uses a small cached copy of Collective Intelligence on your local drive, it’s only the most recent threats on a real time wild list.” Collective Intelligence is the name that Panda gave its cloud system when it was introduced in 2007.
When you open Cloud Antivirus, the main window lets you know whether you’re safe or not with a big red or green icon. Cloud Antivirus works as other antivirus solutions do, offering a Quick Scan and a Custom scan for specific folders, files, and drives, but its ancillary features are exceptionally light. The Quick Scan took 13 minutes on my Windows 7 Lenovo T400 laptop.
Dragging an active Cloud Antivirus window, in Windows 7 at least, will turn it translucent.
(Credit: Screenshot by Seth Rosenblatt/CNET)

You can opt out of contributing anonymous data to the cloud, but that also opts you out of automatic threat management. There’s a network connection proxy option should you need it, and a reporting feature that will show you what kind of threats have been detected and removed from your computer. You can filter the report by All, Last 24 hours, Last Week, or Last Month, and there’s a Recycle Bin pane from which you can recover a false positive, should you need it. Unfortunately, the Recycle Bin is hidden behind an obnoxious “flipping” screen that cheesily rotates when you need to access it.
If you’re familiar with the minimalist Microsoft Security Essentials, Cloud Antivirus is even simpler. I did notice some odd interface rendering around the minimize and close buttons in Windows XP, but not in Windows 7. There are other more serious concerns about the program. Most notably, it lacks a scheduler, and it removes user input from update functions. Scans are also limited: you can tell the program what to scan, but not what to look for, so forget about toggling heuristics or rootkits. Then again, the point of this kind of security is that it’s all wrapped into one.
Keeping in mind its limited feature set, and that we don’t have efficacy numbers at the time of reviewing, Panda Cloud Antivirus makes a good security choice for those willing to take the plunge.
by Seth Rosenblatt from Cnet
Hitman Pro 3 – The First Behavioral Scan and Multi-vendor Cloud Confirmation Anti-malware
November 6, 2009 by admin
Filed under Removal Tips,Tools and Videos
Hitman Pro 3 is a fast all-in-one tool to locate, identify and remove viruses, spyware, trojans, rootkits and other malware. Hitman Pro 3 will quickly show if your PC is infected with malicious software.
Research shows that many computers are infected, even if they have an up-to-date security suite installed, and that a combination of different anti malware programs would be required to prevent infection.
Hitman Pro 3 uses innovative cloud computing techniques to detect and remove potential malware threats with minimal impact on system performance.
Final Version of Microsoft Security Essentials is Now Available For Download (compatible with windows 7)
October 1, 2009 by admin
Filed under Security News

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.





















