PC Tools launches new security solutions

PC Tools has expanded release of its 2011 performance and protection portfolio, including PC Tools Spyware Doctor, PC Tools Spyware Doctor with AntiVirus and PC Tools Internet Security, PC Tools Registry Mechanic and PC Tools Performance Toolkit.

According to the company, the 2011 portfolio aims to remove the many challenges consumers face when considering performance or protection options, and developing comprehensive portfolio that delivers simplicity, effectiveness and affordability to customers.

"We have been witnessing tremendous growth in India with the total number of internet users growing to 71 million last year. With this growth emerges a greater need to ensure online safety and to improve PC performance. Our aim with the 2011 portfolio is to accomplish exactly that, with simple, effective and affordable solutions," says Shafi Shanavas, Director, Product Management PC Tools.

"We've listened to our customers and solved their biggest challenges in developing tools that are simple, effective and affordable," said Tom Powledge, Vice President and General Manager , PC Tools. "It's really all about protection and performance minus the fuss and confusion. Simply put, our 2011 products get the job done."

The PC Tools 2011 protection portfolio enhances real-time scans and threat remediation while improving performance behind the scenes without impact to the user or slowing the PC down. The new flexibility options allow consumers to choose an automated experience or to customize advanced settings.

Protection advancements against spyware, viruses, malicious email and social networking threats offer a simplified experience that makes scans and fixes faster and easier. AV-Test.org found that the average scan times improved by up to 90%, while internal testing shows that average launch times have been reduced to less than 1 second

Source : The Times of India

Panda brings anti-virus to the iPhone and iPad

Panda Security has launched an anti-virus product designed to protect popular Apple products including the iPhone and iPad.

The Spanish security firm said in a blog post yesterday that Panda Antivirus for Mac can counter the increasing threats targeted at Apple products.

"As we know, this is something that is becoming more serious, so we have decided to go one step ahead and release our own Antivirus for Mac," said Panda Security technical director Luis Corrons.

"As a heavy iPhone and iPad user, I have a lots of documents on both devices, and it is great to find an easy way to scan them."

Panda Antivirus for Mac includes all the usual elements of an anti-virus suite, including protection against viruses, worms, spyware, adware, phishing and key-loggers, as well as ID theft prevention thanks to its detecting banking Trojans designed to steal personal information.

Panda is following a common trend among major anti-virus vendors in offering popular PC products for the Mac and related hardware.

Corrons argued in a blog post earlier in the year that Apple "still isn't cyber crooks' main objective as it doesn't have enough users, but it is starting to arouse interest ".

"Mac users should raise their voices and ask the company they are paying (Apple) to take security seriously," he added.

Source : www.v3.co.uk

AVG Technologies Introduces Free Antivirus Program For Small Businesses

Thanks to a recent announcement by one of the most popular antivirus software companies, small and medium-sized business owners will soon have a brand new way to protect themselves against harmful online threats.

AVG Technologies announced a plan to make its Internet Security 2011 Business edition available for small business owners around the country without charging them a penny. The technology is designed to handle threats from online predators, putting a premium on securing business data and other information.

"At AVG, we recognize that most small business owners are not IT experts, and need an antivirus and internet security solution for their business that provides maximum protection and is easy to administrate," said J.R. Smith, CEO of AVG Technologies. "That’s why we designed AVG Internet Security 2011 Business Edition and AVG Anti-Virus 2011 Business Edition to be the easiest to use and manage on the market."

Software companies from all over the country have been busy making technology news for small business. Microsoft recently introduced Security Essentials, which provided a free, downloadable program for entrepreneurs with limited resources.

Source : Gabler

Antispyware Soft Removal and Analysis

Antispyware Soft is similar in interface and behavior to Antivirus Soft, Antivirus Live and Antivirus soft scareware. This malicious, rogue security software aggressively displays fraudulent system security alerts about non-existent network infiltration attempts and malware.

The anti spyware soft rogue when installed:

  • Installs the Fake Windows Security Center where all the links lead to its payment page.
  • Hijacks Internet Explorer and automatically opens a specific set of porn websites every few minutes.
  • Blocks execution of most programs.
  • Blocks execution of Task Manager, Command Prompt and MS Configuration editor.
  • Blocks Windows firewall, Automatic Updates and Internet Options.
  • Disables Internet Explorer Phishing Filter.

Scareware like Antispyware Soft are commonly installed when users are redirected to fake online scanner pages or fake ‘video codec required’ pages distributed through out the Web by cyber criminals using blackhat SEO techniques, Spam and Malicious flash advertisements.

anti-spyware-soft scareware

Antispyware Soft Removal (How to remove Antispyware Soft)

MalwareBytes's Anti-Malware Free edition (mbam-setup.exe) was able to remove this infection.

  1. Boot in to Window Safe Mode with networking
  2. Download Malware Bytes's Anti-Malware Free edition (mbam-setup.exe) or from a clean computer download and copy to a removable drive like CD, DVD or USB flash drive.
  3. Double-click mbam-setup.exe to start the installation. Proceed with installation following the prompts. Make sure that the following option is checked when you finish the installation: Update Malwarebytes’ Anti-Malware.
  4. Once the update is completed, Launch Malwarebytes’ Anti-Malware and select Perform full scan in the Scanner tab. When the scan is completed, click “Show results“, confirm that all instances of the rogue security software are check-marked and then click “Remove Selected” to delete them. If prompted restart immediately to complete the removal process.
  5. Trun System Restore off and on.

If you find the Internet Explorer is still being re-directed to the scareware website, remove the proxy settings as follows:

Open Internet Explorer, Click Tools menu and then click Internet options or open Internet options via control panel. In the Internet Options window, select the Connections tab. In the Connections tab, click on LAN settings.

IE connections proxy Antispyware Soft Removal and AnalysisIE remove proxy Antispyware Soft Removal and Analysis

In the Local Area Network (LAN) Settings window, click Advanced and clear the proxy address and port 5555. Click Yes and OK your way out.

You should now be clean of this rogue.

The full version of Malwarebytes’ Anti-Malware performs brilliantly against scareware such as Antispyware Soft. The real-time component of the paid version includes dynamic blocking of malicious websites, servers and prevents execution of malware. It would caution you before most rogue security software could install itself. Please consider purchasing the Malwarebytes' Anti-Malware Full version for additional protection.

Antispyware Soft Analysis

A rogue security software such as Antispyware Soft belongs to a family of software products that call themselves as antivirus, antispyware or registry cleaners and often use deceptive or high pressure sales tactics and deliberate false positives to convince users into buying a license/subscription. They are often repackaged and renamed. They do not actually remove malware instead many of them add more malware of their own. They need to be removed immediately from your system.

The trojan downloader was about 271104 bytes in size. It was detected by 32/41 (78.05%) of antivirus engines available at VirusTotal.

  • Trojan.Win32.FakeSpypro
  • Trojan/Win32.FraudPack
  • W32/FakeAlert.GQ.gen!Eldorado
  • Win32:Rootkit-gen
  • Win32/XPInternetSecurity.D
  • Trojan.Win32.FraudPack.avgj
  • Win32/Adware.SpywareProtect2009
  • Troj/FakeAV-BGE
  • FraudTool.Win32.AVSoft (v)
  • SpywareGuard2008

Typical Antispyware Soft Scare Messages

Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan you computer. Your system might be at risk now.

Infiltration alert. Virus Attack. Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan-dropper or similar.

Users should not fall for the false alerts of system infection and buy the scareware to ‘clean’ the system. If you purchased one by entering your credit card number at a rogue software website, it would be prudent to:

  • Immediately contact the bank that issued the card and dispute the charges.
  • Request them to not allow any further transaction and cancel the card. You may also request them to issue a new card with a different number.

Antispyware Soft Associated Files and Folders

  • C:\Documents and Settings\malwarehelp.org\Local Settings\Application Data\ylyqcrynp\klbqtgitssd.exe

Some of the file names may be randomly generated. The term malwarehelp.org or malwarehelp in the above entries denotes the name of the Windows user account in the test machine.

Antispyware Soft Associated Registry Values and Keys

  • HKEY_CURRENT_USER\Software\avsoft
  • HKEY_CURRENT_USER\Software\avsuite
  • HKEY_CURRENT_USER\Software\avsuite\knkd=1
  • HKEY_CURRENT_USER\Software\avsuite\aazalirt=1
  • HKEY_CURRENT_USER\Software\avsuite\skaaanret=1
  • HKEY_CURRENT_USER\Software\avsuite\jungertab=1
  • HKEY_CURRENT_USER\Software\avsuite\zibaglertz=1
  • HKEY_CURRENT_USER\Software\avsuite\iddqdops=1
  • HKEY_CURRENT_USER\Software\avsuite\ronitfst=1
  • HKEY_CURRENT_USER\Software\avsuite\tobmygers=1
  • HKEY_CURRENT_USER\Software\avsuite\jikglond=1
  • HKEY_CURRENT_USER\Software\avsuite\tobykke=1
  • HKEY_CURRENT_USER\Software\avsuite\klopnidret=1
  • HKEY_CURRENT_USER\Software\avsuite\jiklagka=1
  • HKEY_CURRENT_USER\Software\avsuite\salrtybek=1
  • HKEY_CURRENT_USER\Software\avsuite\seeukluba=1
  • HKEY_CURRENT_USER\Software\avsuite\jrjakdsd=1
  • HKEY_CURRENT_USER\Software\avsuite\krkdkdkee=1
  • HKEY_CURRENT_USER\Software\avsuite\dkewiizkjdks=1
  • HKEY_CURRENT_USER\Software\avsuite\dkekkrkska=1
  • HKEY_CURRENT_USER\Software\avsuite\rkaskssd=1
  • HKEY_CURRENT_USER\Software\avsuite\kuruhccdsdd=1
  • HKEY_CURRENT_USER\Software\avsuite\krujmmwlrra=1
  • HKEY_CURRENT_USER\Software\avsuite\kkwknrbsggeg=1
  • HKEY_CURRENT_USER\Software\avsuite\ktknamwerr=1
  • HKEY_CURRENT_USER\Software\avsuite\iqmcnoeqz=1
  • HKEY_CURRENT_USER\Software\avsuite\ienotas=1
  • HKEY_CURRENT_USER\Software\avsuite\krkmahejdk=1
  • HKEY_CURRENT_USER\Software\avsuite\otpeppggq=1
  • HKEY_CURRENT_USER\Software\avsuite\krtawefg=1
  • HKEY_CURRENT_USER\Software\avsuite\oranerkka=1
  • HKEY_CURRENT_USER\Software\avsuite\kitiiwhaas=1
  • HKEY_CURRENT_USER\Software\avsuite\otowjdseww=1
  • HKEY_CURRENT_USER\Software\avsuite\otnnbektre=1
  • HKEY_CURRENT_USER\Software\avsuite\oropbbsee=1
  • HKEY_CURRENT_USER\Software\avsuite\irprokwks=1
  • HKEY_CURRENT_USER\Software\avsuite\ooorjaas=1
  • HKEY_CURRENT_USER\Software\avsuite\id=8.0
  • HKEY_CURRENT_USER\Software\avsuite\ready=1
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\CheckExeSignatures=no
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\RunInvalidSignatures=1
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter\EnabledV8=0
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter\Enabled=0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer=http=
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\LowRiskFileTypes=.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation=1
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\njjhiffj=C:\Documents and Settings\malwarehelp.org\Local Settings\Application Data\ylyqcrynp\klbqtgitssd.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\JITDebug=1

The term malwarehelp.org or malwarehelp in the above entries denotes the name of the Windows user account in the test machine.

Antispyware Soft Associated Domains

This scareware was observed accessing the following domains during installation and operation:

  • avtiviruspower .com

Note: Visiting the domains mentioned above may harm your computer system.

If you are unable to get rid of this scareware, please visit one of the recommended forums for malware help post about your problem.

Antispyware Soft Scareware — Screenshots

Note:- The Antispyware Soft installation and removal was tested on a default installation of Windows XP SP3. The content provided in this article is not warranted or guaranteed by Malware Help. Org. The content provided is intended for entertainment and/or educational purposes. I am not liable for any negative consequences that may result from implementing any information covered in this article. The above information is correct at the time of my testing, it might change with time and or under different testing conditions.

Source :-www.malwarehelp.org

©2009 Antivirus Support | by TNB