Archive for: antivirus
Thanks to a new virus which makes users believe all of their data has been deleted, computer users everywhere are in mass panic and repair shops are busier than ever. This new virus is pure genius and is, as old-school hackers would put it, a “truly righteous” hack. It exploits a loophole in Java which gives the virus god-rights on the computer and installs without the user ever knowing. Unlike most viruses today which trick the user into thinking they have a virus and clicking ‘OK’ to clean it up (which actually installs it), it is embedded in webpages which use Java and installs silently. And since nearly everyone has Java turned on to surf the internet, it installs quietly and effortlessly. Suddenly, all the computer’s files, icons and folders are “gone.” Panic ensues as users frantically try to figure out how to recover their “lost” data. But what has really happened is that the virus has simply hidden every file on the computer! Genius, right? I can only imagine the developers are sitting back having a good laugh about it all.
So what do you do if you get hit by this lovely virus? A non-techy person could take it to a computer repair shop and spend anywhere from $85-$150 to get it fixed. Or for you geeks, you could fix it yourself using the following steps:
(Please note the following steps are for experienced users only – if you are not comfortable performing any of the below steps, take the computer to a professional!)
1) Immediately boot into Safe Mode (with networking) and do not leave this until you are done! (Mashing F8 at the boot screen will do this on most computers – read the boot screen if F8 doesn’t do the trick)
- If you have to reboot at any time, make sure you boot back into Safe Mode!
2) Download and run RKill: http://www.bleepingcomputer.com/download/anti-virus/rkill. This will stop the virus from running and allow you to clean up the computer. Any of the download links should work – they just have various names to confuse viruses.
3) You need to be able to see the folders/files which are hidden. To do this, do the following:
- Click your start menu
- In the ‘run’ field, type “cmd” and hit enter
- Type: attrib -h c:\*.* /s /d
- **The virus may make files read-only as well. If so, include -r.
- **If the virus makes files system files, add -s.
- Do NOT add any unnecessary -r or -s switches. Only use these switches if needed.
4) Make sure you have the following programs installed and updated:
- Microsoft Security Essentials (http://www.microsoft.com/security_essentials/)
- Super AntiSpyware (http://www.superantispyware.com)
- Remove ANY other antivirus program you have as most don’t live up to their promises and often do more harm than good (ESPECIALLY Norton, McAfee and AVG).
5) Run a FULL scan on both Security Essentials and Super AntiSpyware.
6) Clean up your registry! (If not comfortable with this, pay for a professional cleanup!)
- Go to Start –>Run–>’regedit’ and hit enter, then ‘Ok’ or ‘Yes’
- Go to HKEY_CURRENT_USER–>Software–>Microsoft–>Windows–>CurrentVersion–>Run
i. Remove anything which looks suspicious and is not a file you recognize. For instance, an entry with a name like FKA546542EJJAL and stored in a temp file is probably a virus (EXAMPLE ONLY). This is also a good time to remove unnecessary programs from starting up at boot time.
- Go to HKEY_CURRENT_USER–>Software–>Microsoft–>Windows NT–>CurrentVersion–>Winlogon
i. Again, remove anything suspicious. If you don’t see anything obvious, DO NOT DELETE ANYTHING.
- Go to HKEY_USERS–>’user name’ or ‘.DEFAULT’–> Software–>Microsoft–>Windows–>CurrentVersion–>Run
i. Remove suspicious files as mentioned above
ii. Do this for EVERY user
- Go to HKEY_LOCAL_MACHINE–>SOFTWARE–>Microsoft–>Windows–>CurrentVersion–>Run
i. Remove suspicious files (be EXTRA careful here as some of these files are necessary for system files to run at startup. Again, if not sure, take it in for a professional cleanup!)
- Go to HKEY_LOCAL_MACHINE–>SOFTWARE–>Microsoft–>Windows NT–>CurrentVersion–>Winlogon
i. Double click on ‘Shell’ and make sure it ONLY says ‘explorer.exe’. If there is anything after it, delete it!
ii. Double click on ‘Userinit’ and make sure it ONLY says ‘C:\Windows\system32\userinit.exe,’. If there is anything after it, delete it!
7) Lastly, do a quick file cleanup
- Go to C:\Windows\System32
i. Sort by Date Modified – click twice so you see the most recent date on top
ii. Going from the date you got infected (hopefully you are doing this the same day or the next day) remove any files which look suspicious (yet again, if you don’t know what you are doing, take it to a professional!)
- Go to C:\Windows and do as above but look at folders as well as files
- Delete cookies and temp files (any self-respecting geek knows how to do this already)
So by now you have:
1) Made your files viewable and usable again
2) Removed the virus and any associated viruses or malware through using the recommended software
3) Removed registry entries to prevent anything bad from loading on startup and thus re-infecting your machine
4) Removed any negative system entries which may also be contributing to the problem.
You might have even discovered you had other spyware, malware or viruses you didn’t know about throughout all this. But if you did everything correctly, you should be clean. If not, now is definitely a good time to take the computer in for a professional cleanup as your machine likely has bigger problems than you were aware of. Good luck!
**Please note that running these commands will make EVERY file on the system viewable and editable, including previously hidden system files you shouldn’t mess with. Use extreme caution when working with files after doing this. If you aren’t comfortable with this, consider paying for a professional cleanup.
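The registry checks from step 6 can be listed in one pass before anything is deleted by hand. This is an added read-only PowerShell example, not part of the original post; it assumes Windows is installed in C:\Windows, and the Temp/AppData pattern it uses to mark entries is a heuristic chosen here, not a rule from the post.

```powershell
# Added example: read-only audit of the autostart locations in step 6.
# Nothing is changed or deleted; run from an elevated PowerShell prompt.
# Assumption: a command under a Temp or AppData path deserves a closer look.
$suspect = '\\Temp\\|\\AppData\\|%TEMP%|%APPDATA%'
$run     = 'Software\Microsoft\Windows\CurrentVersion\Run'
$logon   = 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$raw     = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames

# Run keys: current user, local machine, and every loaded hive in HKEY_USERS.
$runKeys = @("Registry::HKEY_CURRENT_USER\$run", "Registry::HKEY_LOCAL_MACHINE\$run")
$runKeys += Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    ForEach-Object { "Registry::$($_.Name)\$run" }

$report = @(foreach ($path in ($runKeys | Select-Object -Unique)) {
    if (-not (Test-Path -LiteralPath $path)) { continue }
    $key = Get-Item -LiteralPath $path
    foreach ($name in $key.GetValueNames()) {
        # Read the raw string so %TEMP%-style paths are not expanded away.
        $value = [string]$key.GetValue($name, $null, $raw)
        [pscustomobject]@{
            Location = $path -replace '^Registry::', ''
            Name     = $name
            Value    = $value
            Status   = if ($value -match $suspect) { 'REVIEW' } else { 'ok' }
        }
    }
})

# Winlogon values the post says must contain exactly one program.
# Assumption: Windows is installed in C:\Windows, as in the post.
$expected = @{ Shell = 'explorer.exe'; Userinit = 'C:\Windows\system32\userinit.exe,' }
$report += @(foreach ($name in $expected.Keys) {
    $path   = "Registry::HKEY_LOCAL_MACHINE\$logon"
    $actual = (Get-ItemProperty -LiteralPath $path -Name $name -ErrorAction SilentlyContinue).$name
    [pscustomobject]@{
        Location = "HKEY_LOCAL_MACHINE\$logon"
        Name     = $name
        Value    = $actual
        Status   = if ($actual -eq $expected[$name]) { 'ok' } else { 'REVIEW' }
    }
})

$report | Sort-Object Status -Descending | Format-Table -AutoSize -Wrap
```

REVIEW marks an entry to inspect by hand, not a verdict: legitimate per-user software also starts from AppData.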

Avast has launched Avast Antivirus 6.0. The new version has a lot of improvements and features. New features include:
- AutoSandbox – execute suspicious files in an environment isolated from your system
- Website reputation system (WebRep) – community-based gauge that informs you of what other avast! users think of the website you’re visiting
- Scan modes in the new version: three regular ones (Quick, Full and on demand) as well as the possibility to check removable drives
The avast! antivirus is available for download free of cost for all. This is one AV tool which comes with tons of features and is still offered for free.
Download avast! antivirus 6.0
GFI VIPRE Antivirus is one of the best solutions available on the market for operating system security. With a lot of versatility, GFI VIPRE offers tons of options and configurations to deploy on client or server machines, and it is very simple to install.
Operating system security against malware and viruses is a key factor in every organization, even though most small or mid-size companies avoid this matter. GFI VIPRE Antivirus provides the simplicity and scalability any company should be looking for in security solutions.
Some of the most important features included in GFI VIPRE Antivirus are:
- Simple installation and environment configuration: The platform does not require complex configurations. For a complete detailed step-by-step check this link.
- Centralized management: Central console to administer all your clients and the possibility to delegate read-only permissions to operators.
- Easy deployment: Fast and several options to discover machines, plus automatic deployment included. If clients are not available, MSI manual installation can be used.
- Scalability: You can configure different sites and different policies that will be handled by GFI VIPRE Antivirus, making it possible to protect all necessary computers with different options among them.
- High compatibility: Windows 2000 SP4 or newer operating systems are supported as client machines (Windows 7 included of course).
- Flexible reporting: Vast options to configure reporting within your environment.
- Very low resources necessary: GFI VIPRE Antivirus represents one of the antiviruses that require a very small portion of your machine resources, making it completely silent and transparent to users.
Here’s a comparison of CPU usage among the most used antivirus products while a scan is running:

As a quick reference, here’s an overview about the process of implementing GFI VIPRE Antivirus (detailed step-by-step here):
- Review requirements for server and client machines.
- Define the type of machines and the behavior you would like to be present in the antivirus software, depending on the machine category.
This will be represented in the policy we can configure for each category we decide (for example: mobile computers will have a more restrictive policy than the workstations).
- Install GFI VIPRE Antivirus.
- Create and configure system policies to apply to agent machines.
- Add agents and validate the VIPRE installation. The platform provides both automated and manual installation.
- Run a manual scan in agents to validate current health status of your clients. Automatic scans in agents can be configured but we can also trigger manual scans whenever we need.
- Generate reports using Report Viewer.
- Configure any additional sites and permissions for different types of users. We can have simple operators on the platform using the GFI VIPRE console.
You can download the free trials for GFI VIPRE Antivirus at this link.
WobZip is a very useful web app to which we can simply upload a compressed file in any common format (including ISO), and the web app will do all the work: uncompress it and scan it for viruses.
Did you ever receive a compressed file on a computer which didn’t have, for example, WinRAR? If that was a .rar file, you know that you did not have any other option but to download the tool to access those files. WobZip avoids using any software: just access the site, upload and download the uncompressed files.

Here are some of the features:
- Completely free.
- Antivirus scan included. BitDefender engine.
- 100MB file size supported.
- Formats: 7z, ZIP, GZIP, BZIP2, TAR, RAR, CAB, ISO, ARJ, LZH, CHM, Z, CPIO, RPM, DEB and NSIS
- You can uncompress a file from your computer or directly from a URL.
Even though this is an amazing and free tool, it is still a little buggy.
OESIS OK presented an interesting report about antivirus software and their current market share. Within this report some important, and some surprising, facts were revealed. Take a look.
This is the report regarding most used security applications:

OESIS OK presents itself as a company for “Antivirus interoperability certification software testing”, which means they are continuously evaluating the antivirus market share and the possibilities behind it. Here are some of the quick facts about this report:
- 42% of antivirus and security tools installed are freeware. They say “It would appear that end users have as much faith in the ability of free antivirus applications to keep them secure as they do paid antivirus”.
- Avast Free is the most popular application with 11.45%.
- The rest of the list of free antivirus applications: Avira Antivir Personal (9.19%), AVG Free (8.6%) and, in fourth place, Microsoft Security Essentials (7.48%).
- Regarding paid applications: Avast with 5.54%, Kaspersky with 4.48%, Norton with 4.24% and finally ESET NOD32 with 3.84%.
A PDF version of the complete report can be found here.
This is also the graph of the distribution of the market share regarding vendors:

You know those trial versions we usually download and install… did you ever wonder what these guys are thinking?
Well, Doghousediaries has the answer:

Microsoft has been working for a long time now on providing a good and reliable antivirus platform for all users. And when I say “for all users” I mean a free one. It seems the dream is about to come true today: Microsoft Security Essentials will be released to the public as the free antivirus solution from Microsoft.
Microsoft Security Essentials will be replacing Windows Live OneCare as the security suite for viruses and malware. The suite can be installed on Windows XP, Vista and 7, and it seems it already has a good review of the protection you can achieve, giving you a shield against 97,8% of the existing malware on the web.

On the other hand, some of the other reviews this antivirus platform has received so far say that the engine inside it is a little bit slow and intrusive with other applications.
And of course, leaders from other security solutions are already trying to tear this solution down, like McAfee: “will compete against other free solutions by offering limited security functionality”; or Symantec saying it is a “thin defense” and not giving you any type of antispam or identity safeguards.
Let people decide then.
As we announced earlier, WordPress released their new version, 2.8, which has big performance improvements. Even though this feature isn’t brand new, it is a nice option that you can try: the WordPress Antivirus Plug-In.
The plug-in has a new version, 0.4, that appeared a few days back and already includes compatibility with the latest WordPress version.
So what exactly can a blog antivirus do, you may ask? Well, this plug-in can help you monitor possible platform vulnerabilities, virus injections, inserted malicious links, etc. It also includes features like email notifications and whitelisting.
The installation process is the same as for every WordPress plug-in:
1. Download AntiVirus plugin
2. Unzip the archive
3. Upload the folder antivirus into ./wp-content/plugins/
4. Go to tab Plugins
5. Activate AntiVirus
6. Edit settings
7. Ready
WordPress users and webmasters always find the need to keep a good eye on the deployed platform in case any vulnerability appears and, if that happens, just pray for a quick hotfix. It’s nice to have a quick option that can help you be more proactive about the health of your deployments.