Tag Archives: Antimalware

Is Cyberdefender a Scam?

no-go-ico On March 24, 2010, lawyers representing the Cyberdefender Corporation issued a ‘take-down’ notice to Allen Harkleroad. The take-down notice claims that Allen published false and potentially defamatory articlesabout their product and sales practices.

The Contenders:

Cyberdefender is advertised as an easy solution for PCs that are running slow or are infected with spyware or adware. You may have seen the television advertisements for MyCleanPC.com and DoubleMySpeed.com. Visits to both of those websites will prompt you to install Cyberdefender software. It looks like Cyberdefender is the owner of both of those sites.

Allen Harkleroad is a well known consumer advocate, who has taken on some pretty big names in business, such as Dell, AMD, ATI, UPS and FedEx, to name a few.

The Contention:

Allen claims that Cyberdefender is a scam and has posted several articles in his websites, supporting those claims. Here’s one of them:

Beware of MyCleanPC.com and DoubleMySpeed.com Same Scam, Same Company

Here is a copy of the legal take-down notice from Cyberdefender’s lawyers:

CyberDefender Corp, MyCleanPC, DoubleMySpeed and Catanese and Wells

At one point, Allen says that he:

I installed the MyCleanPC software on a fully patched Windows XP machine that I rarely used just to see what happen. Other than installing software I use nothing else had been installed and no software had been uninstalled on the machine. It does have anti virus software on it. The CyberDefender software found over 3,000errors on a machine that runs perfectly fine, never had software uninstalled and rarely was on the Internet.

I’ve heard others claim that Cyberdefender isn’t worth the asking price. I decided to try it myself. I used Microsoft Virtual PC, with a copy of the IE6 test virtual machine. This allows me to run a clean, new, fully patched copy of Windows XP. It doesn’t have anything installed on it, not even an anti-virus program. The advantage to using a virtual machine is that I don’t have to worry about messing up a real computer.

Below, I have created a short slide show, which gives the results of my simple test.

Go here if you can’t see the embedded slideshow.

Conclusion:

Let the buyer beware. If I see over 300 errors reported on a clean PC, I have serious doubts and would never buy the software.   What do you think about DoubleMySpeed and MyCleanPC? Would you buy them?


Microsoft Security Essentials 1.0 – the best security solution??

Microsoft Security Essentials 1.0 is one of the best security packages available according to the renowned anti-virus software tester AV-comparatives. These tests are performed periodically by AV-comparatives on the numerous security solutions available.

The security software are tested basically by subjecting them to a plethora of viruses,worms,trojans etc observing how many are detected and also on the number of false positives. Also one of the most important tests is the proactive threat detection test which judges a softwares ability to detect new malware.

It was able to detect 59% of the viruses,trojans and worms thrown showing a respectable detection rate in the proactive detection test. This security package however truly made its mark in the false positives test showing only three false positives while many paid products showed over fifteen.

Its greatest advantage is that its free unlike most other security products which are paid, and their free versions are not that good. To use Microsoft Security Essentials 1.0, the only requirement is to have a genuine Windows operating system. The rest is free.

For more information : click here

To download Microsoft Security Essentials 1.0

Quickly Scan Any File with 40 Different Antivirus Engines

VirusTotal-icoThere are several online services that will allow you to check files for viruses or malware by uploading the files from your computer. One reason you might use one of these services is that you have downloaded a new program and you want to know if it’s safe to install on your computer. One of the services that I use most often is called Virus Total’.

Virus Total is a free, independent service that will analyze uploaded files with around 40 different antivirus engines. Here is the current list:

AhnLab (V3)
Antiy Labs (Antiy-AVL)
Aladdin (eSafe)
ALWIL (Avast! Antivirus)
Authentium (Command Antivirus)
AVG Technologies (AVG)
Avira (AntiVir)
Cat Computer Services (Quick Heal)
ClamAV (ClamAV)
Comodo (Comodo)
CA Inc. (Vet)
Doctor Web, Ltd. (DrWeb)
Emsi Software GmbH (a-squared)
Eset Software (ESET NOD32)
Fortinet (Fortinet)
FRISK Software (F-Prot)
F-Secure (F-Secure)
G DATA Software (GData)
Hacksoft (The Hacker)
Hauri (ViRobot)
Ikarus Software (Ikarus)
INCA Internet (nProtect)
K7 Computing (K7AntiVirus)
Kaspersky Lab (AVP)
McAfee (VirusScan)
Microsoft (Malware Protection)
Norman (Norman Antivirus)
Panda Security (Panda Platinum)
PC Tools (PCTools)
Prevx (Prevx1)
Rising Antivirus (Rising)
Secure Computing (SecureWeb)
BitDefender GmbH (BitDefender)
Sophos (SAV)
Sunbelt Software (Antivirus)
Symantec (Norton Antivirus)
VirusBlokAda (VBA32)
Trend Micro (TrendMicro)
VirusBuster (VirusBuster)

They keep those engines up to date with the latest virus signatures, and they also offer detailed results from each engine in their reports. Virus Total is available in nearly two dozen languages.

To use this service, you simply visit the web page, click on the file upload button, select the file and wait for it to upload. Once the file is uploaded, you will often have to wait a few minutes for the scan results to appear. If you think that sounds pretty easy to do, you are correct. However, Virus Total now offers an even easier method, the Virus Total Uploader.

After you install the Virus Total Uploader [Windows Only] on your PC, you can right click on a file, then Send tothe Virus Total site.

virus-total-uploader-context-sendto-menu

After a few seconds, your web browser will open up to show you the results of the antivirus tests from Virus Total.

That’s not the only trick that the Uploader has for you. When you launch it from your Start menu, you’ll see three other upload options in it’s interface:

virus-total-uploader-main-interface

  • upload a file by choosing it’s process name
  • select a file by browsing to it’s location
  • type in the URL of a file on the web

Go to the Virus Total Uploader page to get it.

Techie Buzz Verdict:

Having a good antivirus program installed on your PC is a must have. The ability to double check files using 40 different antivirus engines is not required, but it sure is nice to have. If you’d like to try this application, I recommend it.

techiebuzzrecommendedsoftware1

Techie Buzz Rating: 4/5 (Excellent)

How to Find Out Who Is Spying On You

spying-on-you[Windows Only] Today, I found out that my computer at work had a trojan infection. Most of my co-workers would never have noticed the bug, but a little luck and the right tools made my discovery possible. Since I discovered the infection early, I was able to quickly  remove the malware. Do you know if evil computers are connecting to your PC? If you really want to find out, I recommend that you try two utilities from NirSoft.

Download and Install:
CurrPorts and IPNetInfo are both portable applications that are offered as ZIP files. You can unpack these ZIP files anywhere on your hard drive or even onto a flash drive to use them. CurrPorts and IPNetInfo work best if you put the files from both programs into the same folder. After I downloaded and unpacked them,   I ended up with the following files in my CPorts folder.

currports-file-list

Run CurrPorts:
You can run CurrPorts by launching the cports.exe file. It will scan your computer and display a list of processes on your PC that are using the network and internet connections. The list contains the following columns of information on each connection.

Process Name *
Process ID
Protocol
Local Port
Local Port Name
Local Address
Remote Port
Remote Port Name
Remote Address *
Remote Host Name
State
Process Path *
Product Name
File Description
File Version
Company
Process Created On
User Name
Process Services
Process Attributes
Added On
Module Filename
Remote IP Country
Window Title

Search the information:
The most important columns to pay attention to are the columns described below.

Process Name is the name of the program or service on your PC that is making the connection.

Process Path tells you where the program or service is located on your hard drive. It’s important to know this location if you suspect that you have a spyware, virus or trojan infection.

Remote Address is a set of numbers that is often called the “IP Address”. This address is needed to identify the computers connected to you by the internet.

Many of the connections you’ll see won’t even have a remote address and you don’t have to pay as much attention to them. In order to unclutter the list and concentrate on the remote IP addresses, you can use the Options menu and uncheck the item labeled “Display Items without Remote Address“.

currports-display-options

Identify WHO IS connecting:
Now that you have some IP addresses displayed, you can find out more about them by using NifSoft’s IPNetInfo utility. When you right click on any remote address shown in CurrPorts, you can find out more about it by choosing the IPNetInfo option. IPNetInfo will pop up and give you the WHOIS information if it’s able to.

currports-with-ipnetinfo

Here’s an example of the WHOIS info for a Google page in Internet Explorer.

ipnetinfo-report

IPNetInfo.exe can be run all by itself by launching the ipnetinfo.exe file. When it’s running this way, you will have to paste in the IP Addresses manually to initiate WHOIS searches.

Stop the Spies:
Once you’ve identified all the owners of those remote IP addresses, you should have a better idea about who they are. You can usually find out more about them by using the company name in an internet search. If you are still suspicious that the IP addresses you are seeing are from the bad guys, you can check in several places to find out if they are on a watch list. I recommend that you search for malicious addresses at hpHosts. Just paste the remote IP address into the search box.

If you’ve identified a connection you don’t want, you can right click on entries in CurrPorts and either “Close” the connection or “Kill” the process on your PC. If you have a process running on your machine that continues to connect to IPs that are suspect, you should probably save an HTML report as shown below, then run an Anti-Virus and Anti-Spyware scan. I recommend using MalwareBytes or one of the other good free spyware removers. If that doesn’t do the trick, get some help from one of the Anti-Spyware forums. I always visit Temerc.com‘s forums when I need help.

If you wish to ask me about some of your remote connections, you can select one or more items in CurrPorts, click on “View” > “HTML Report – Selected Items”. When the report pops into your web browser, you can copy and paste the information into the comments below this article. You can also save the report from your browser using the File > Save menu.

V

Have a good day and surf safely!

New Free Virus Removal Tool from McAfee – Fake Alert Stinger

flying_wasp [Windows Only] McAfee is well known for it’s antivirus software, and you usually have to pay for their protection. They offer the free Stinger tool to help people clean out PCs that have been crippled by virus and trojan attacks.

fake-alert-scanner

There is no installation required. Just download it and run it. It works on all Windows PCs as far as I know.

I normally download a fresh copy of Stinger onto a USB flash drive or CD before I go off to help my friends with bug problems.

In addition to the standard Stinger, there’s a new version of Stinger out now called FakeAlert Stinger. It’s designed to specifically target multiple varieties of the FakeAlert trojans, such as, Kryptik, AVP Security, Fakespypro, Winwebsec, Antivirus Soft and XPSpy.

FakeAlert applications are a form of ScareWare that pop up fake warnings which attempt to trick you into running their scans and buying their premium products. It’s a huge money-making scam that’s been very effective against new PC users.

Download McAfee Stinger and FakeAlert Stinger

Notes: There are many other antivirus and anti-malware tools that can help you clean up an infected PC. Last year, Keith wrote about an application which will Remove Fake Antivirus from Your System. If all else fails and the PC is really trashed, I’ve got an article describing how to Run AntiVirus on a PC That Will Not Boot.

Techie Buzz Verdict:

techiebuzzrecommendedsoftware1 There are two versions of McAfee Stinger. Both are very good, and there’s no reason not to use both of them when you need to clean up an infected PC. I have used Stinger for years and I’ve never had an issue with it. I only wish it was Open Source, so that more people could contribute to it’s effectiveness.

Techie Buzz Rating: 4/5 (Excellent)

Download a-Squared Anti-Malware Free on November 11th

A-squared Anti-malware is a very popular application to keep viruses, malware and spyware away from your PC. The software also provides users with real-time protection against signature and behavior based malware.

a-squared_anti_malware_free

A-squared Anti-Malware is priced at $40 for a single PC license, but you can download it for free on November 11th, thanks to a organized by the creators of the software.

Emsisoft will be giving away free copies of a-squared Anti-malware on 11th November at 11:11 Central time. The giveaway will be valid for 24 hours during which users can download a copy and get a free license for one year. To download your free copy, visit the a-squared giveaway page.

[via JK Web Talks]

Download IObit Security 360 Pro for Free

Looks like Santa Claus has arrived earlier this year. We have seen many popular software companies giveaway paid softwares for free. IObit the creators of the popular malware and spyware removal tool, are also offering a free license of IObit Security 360 Pro for Free.

iobit_security_360_pro_free iobit_pro_free_license

IObit Security 360 PRO is an advanced malware & spyware removal utility that detects, removes the deepest infections, and protects your PC from various of potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers.

IObit Security 360 Pro usually sells for $29.95. However, users will be able to download a full version of the software with a free license till November 11th, 2009. No free technical support will be provided for the software.

Download IObit Security Pro 360 Free [Link disabled due to allegations by Malwarebytes against IOBit]