
Tuesday, March 30, 2010

Do Anti-Virus Companies have hope?

I got this article emailed to me from Technet.

To start, let’s define antivirus protection. Simply put, it’s software that prevents malware from infecting computers. If that’s agreeable to you, I then have to ask why computers protected by antivirus apps are still getting infected.

To explore this further, I enlisted the help of Rick Moy, president of NSS Labs, a company with the following charter:

“NSS Labs performs expert, independent security-product evaluations to assist end-user organizations in selecting the right security products for their environment.”

I initially learned about NSS Labs while doing research for a piece about browsers and their ability to fend off malware.


http://blogs.techrepublic.com.com/security/?p=3360&tag=nl.e036

I think this article is great and hits the nail on the head. The number 1 reason infections occur is because of uneducated computer users. They see popups while trying to run a program and just want it to run, so they OK everything and let malware run without knowing it.

Friday, March 26, 2010

AVG Bootable USB Rescue Media Images

I managed to boot via USB in VMWare Workstation. These are the images I have of the AVG Bootable rescue software.

Start Screen


Update Screen


Main Screen


From here it's pretty self-explanatory. Each item has a description. You use the up and down arrows to select which command you'd like to run, and the left and right arrows to select your yes, no, agree, or disagree items. It allows you to configure net access with DHCP, view previous scans, and update the virus database.

Scan Options for Volume and Directory


Scan Windows


Scan Results Page

Thursday, March 25, 2010

AVG USB Tutorial



To install this to a USB drive the USB drive needs to be formatted in the FAT file system.

Copy all files to the USB drive after it's formatted, make sure they are in the root of the drive like the above screenshot shows, and then run makeboot.bat. It will do its thing. If you run makeboot.bat on the HD it will destroy the operating system MBR and will render your OS unbootable.

Next you have to make sure the PC can boot from CD or USB via the BIOS settings. Generally the BIOS can be accessed via F10 or F2, depending on the PC manufacturer. Once that is taken care of, save and restart the PC, hit the escape key to choose the boot drive, and select the AVG USB. From there on out it's pretty much a DOS/command-line utility which can be navigated with the arrow keys and the enter key.
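
A guard for the makeboot.bat warning above, as an added example that is not part of the original post or AVG's tooling: a PowerShell script that checks that the copy of makeboot.bat you are about to run sits in the root of a removable, FAT-formatted volume other than the system drive. It assumes makeboot.bat acts on the drive it is located on; the parameter name `$BatchPath` and the sample path are constructed for illustration.

```powershell
# Added example (not AVG's code): pre-flight check before running makeboot.bat.
# Assumption: makeboot.bat rewrites the boot record of the drive it sits on.
param(
    [Parameter(Mandatory = $true)]
    [string]$BatchPath    # e.g. E:\makeboot.bat (constructed sample path)
)

$ErrorActionPreference = 'Stop'

$file  = Get-Item -LiteralPath $BatchPath
$root  = [System.IO.Path]::GetPathRoot($file.FullName)   # "E:\"
$drive = $root.TrimEnd('\')                              # "E:"

# Win32_LogicalDisk reports the volume type and file system.
$disk = Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DeviceID='$drive'"

$problems = @()
if ($file.Name -ine 'makeboot.bat') {
    $problems += "File is '$($file.Name)', not makeboot.bat."
}
if ($file.DirectoryName -ine $root) {
    $problems += "makeboot.bat is not in the root of $drive."
}
if ($drive -ieq $env:SystemDrive) {
    $problems += "$drive is the Windows system drive."
}
if (-not $disk) {
    $problems += "$drive is not a local volume known to WMI."
} else {
    # DriveType 2 = removable disk, 3 = local fixed disk.
    if ($disk.DriveType -ne 2) {
        $problems += "$drive is not reported as removable (DriveType $($disk.DriveType))."
    }
    # Matches FAT and FAT32; rejects NTFS and exFAT.
    if ($disk.FileSystem -notlike 'FAT*') {
        $problems += "$drive is formatted as '$($disk.FileSystem)', not FAT."
    }
}

if ($problems.Count -gt 0) {
    Write-Warning "Do NOT run makeboot.bat from here:"
    $problems | ForEach-Object { Write-Warning "  $_" }
    exit 1
}

Write-Output "$drive is a removable FAT volume ($($disk.FileSystem), label '$($disk.VolumeName)')."
Write-Output "Checks passed; run $($file.FullName) from this drive."
```

Some USB hard disks and a few flash drives report themselves as fixed disks (DriveType 3); the check refuses those on purpose, so confirm such a drive by hand.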

Wednesday, March 24, 2010

Windows Start Button Changer v2 Released

Download link here:

http://www.thewindowsclub.com/downloads/W7SBC.zip

Changes as follows:

UPDATE: 21.03.10. Windows 7 Start Button v 2.0 has been released. The update fixes some minor bugs and eliminates the use of the file “r.exe” which was required in v 1.0. It is now a stand-alone single .exe file.


For some Start Orb Collections visit these two posts:

http://pc-babble.blogspot.com/2010/03/windows-start-orb-collection.html

http://pc-babble.blogspot.com/2010/03/new-windows-start-orbs.html

New Windows Start Orbs





I've collected some more Windows Start Orbs for use with the Start Orb Changer located here:

http://pc-babble.blogspot.com/2010/03/windows-start-button-changer-v2.html

and the rest of the collection here:

http://pc-babble.blogspot.com/2010/03/windows-start-orb-collection.html

The new collection can be downloaded here:

http://www.mediafire.com/file/g5ndw2yrvmt/StartOrbsCollection2.rar

New AVG Rescue CD

AVG has just released a FREE rescue CD. It can be used to fix issues with Windows 2000 and up, and is not Linux compatible. It can be downloaded and burned to CD or used on a USB drive. It's roughly 69.2Mbs for the USB version and 69.3Mbs for the CD ISO image.

Here's a list of features:

powerful toolset for rescue & repair of infected machines.

The AVG Rescue CD is a powerful must-have toolkit for the rescue and repair of infected machines. It provides essential utilities for system administrators and other IT professionals and includes the following features:

* Comprehensive administration toolkit
* System recovery from virus and spyware infections
* Suitable for recovering MS Windows and Linux operating systems (FAT32 and NTFS file systems)
* Ability to perform a clean boot from CD or USB stick
* Free support and service for paid license holders of any AVG product
* FAQ and Free Forum self-help support for AVG Free users


http://www.avg.com/us-en/avg-rescue-cd#tba2

Comodo Firewall Thoughts

Its layout is the same, but the latest version seems to have a refreshing new look. I was using ZoneAlarm Pro and it caused major lag within the operating system (Win7 x64 Pro) and with Firefox. After switching to Comodo I get a decent balance.

One of the reasons ZAPro was causing lag was its resource usage. Comodo doesn't have nearly the issues, and it seems lighter than the older version I had used about a year ago.



The plus side of Comodo's Firewall is its free HIPS. Its HIPS has scored 100% in Matousec's ProActive security test (the 84 tests version, not 184):

http://www.matousec.com/projects/proactive-security-challenge/results.php

It's got a fairly nice and straightforward layout with plenty of options. It offers ARP cache protection, protocol analysis, the ability to stealth ports, and the ability to see EVERY single program that has inbound or outbound traffic and what ports are associated. It even has HIPS protection if you choose to turn on the Defense+ portion of the software.

I'm not going to conduct my own leak test on the firewall as Matousec has already done so. I would use the Comodo leak test, but clearly their software has been written to pass it. I'll just post some screenshots of the new layout.




Saturday, March 20, 2010

iCare Data Recovery Give Away - Limited Time

Recently EASEUS was given away for a 3 day period and it has expired. Now iCare Data Recovery is being given away for a limited time in case you missed the first one.

iCare Data Recovery Software is dedicated in most frequently data loss like formatted hard drive, MBR (Master Boot Record) corrupted, bad boot sector, drive inaccessible, partition unreadable, partition deleted, software operation failure like Partition Magic caused data loss, Ghost failure, virus attacked, etc.


Download Link:
http://wikisend.com/download/449172/icare-data-recovery-special.exe

License Code:
2K1XB2X964MPHOCJ8M1RYIJF0OVHFOFH

NOTE: This code only works with the special edition download above.

System Requirements:
Windows 2000 through Vista including server editions, NO Win7 yet.

iCare Tutorials:
http://www.icare-recovery.com/drs-features-tutorial.html

If the above download link goes down I have it uploaded to Mediafire with the key in a .txt file. Something that can unpack .rar files will be needed.

http://www.mediafire.com/file/wnmknzmmjzk/iCareDataRecoverySE.rar

Thursday, March 18, 2010

[EXPIRED]-EASEUS Data Recovery Wizard FREE for 1 Day

There is 1 day left of this 3 day give away where you can get EASEUS Data Recovery Wizard for free.

EASEUS Data Recovery Wizard is an advanced Data Recovery Software to Format Recovery, Partition Recovery, and Recover Deleted Files emptied from the Recycle Bin or restore data lost due to software crash, virus attack, etc. It offers users with quick scan, easy and safe data recovery.

Features:
Recover deleted or lost files emptied from the Recycle Bin.
File recovery after accidental format, even if you have reinstalled Windows.
Get data back from RAW hard drives.
Get back files after a partitioning error.
Disk recovery after a hard disk crash.
Recover office documents, photos, images, videos, music, email, etc.
Support FAT12, FAT16, FAT32, NTFS/NTFS5 file systems.

http://majorgeeks.com/EASEUS_Data_Recovery_Wizard_-_3_Day_Giveaway_d6421.html

Wednesday, March 17, 2010

Iolo Firewall Personal Now Free

Iolo may sound familiar to you. That's because they are the company that created System Mechanic Pro, which is widely known.

Iolo's personal firewall is in its EOL (End Of Life) stage and is now free. What this means is that you will no longer get support from Iolo. Support ended in December of 2009, but the product will be available for free until December 1, 2010.



Here's Iolo's EOL terms:

http://www.iolo.com/customercare/kbarticle.aspx?id=KBA-02168

You can only get this if you enter your personal information. It arrives via downloadable content to your email. Here's the link to get the registration started:

http://www.iolo.com/fw/1/purchaseinfo.aspx

Tuesday, March 16, 2010

2009 - Year of the Cyber Criminal







These pictures have been taken from the Internet Crime Complaint Center (IC3). Here you have access to the latest IC3 reports. These images have been taken from the 2009 report.

As you can see the crime report rate went up in 2009 compared to previous years. The most money was also lost to internet crime in 2009 compared to previous years.

36.7% of reported money loss was between $100 and $999.99. The next biggest chunk of money lost was between $1000 and $4999.99. That accounts for more than half of the money loss reported in 2009. The largest share of complainants was 40-49 year olds with 22.7%, and the next closest, only .4% behind, was ages 50-59. Only 3% of monetary loss came from people 20 years old or less and only 19% came from people 20-29 years old.

I think the biggest reason for the gap in money loss and age is definitely a technology gap in the generations. The younger generations are getting taught about this sort of thing as early as middle school and at the same time the age group from 40-59 has to learn about this on their own.

http://www.ic3.gov/media/annualreports.aspx

Monday, March 15, 2010

5 Freeware Files: 5 Apps for Advanced Malware Removal

Credits go out to MaximumPC who put this article together.

http://www.maximumpc.com/article/features/freeware_files_five_apps_advanced_virusmalware_elimination

There are a few changes I'd make to their post, however, and a few side notes.

Combofix will only work on x86 systems.

Avira is good, but I'd use something along the lines of Hiren's Boot CD where it offers more than virus removal in the off chance that it destroyed something other than system files. If you're going to waste a disc you might as well use more space with more tools.

Returnil is also good, but if you can't be bothered to reboot then I'd use Comodo Time Machine. You can read about that here:

http://pc-babble.blogspot.com/2010/02/comodo-time-machine-ctm.html

Overall MaximumPC compiled a good list and the tools of choice are at user discretion.

Avast Anti-Virus v5 Free

I recently switched from VIPRE 4.0 because of the built in firewall issues. Besides those issues it was great. A link to that review can be read here:

http://pc-babble.blogspot.com/2010/03/sunbelt-vipre-40-released.html

Now after switching to Avast AV Free I had to find a firewall. The Windows 7 firewall doesn't cut it for me. It doesn't offer enough popups letting me know what's trying to go out or what's coming in. Having been a user of ZoneAlarm Pro I decided to check that out as well. Lo and behold, they offer a free version of their firewall as well.

Here's a short clip on Avast's v5 Free detection tests. It's important to note that only the behavior and file system shields were on and all options were left at default settings.

Credit goes to AlexDBR from Wilders Security for this video.

video

Now with that video it missed 4 infections on default settings and only 2 of the modules installed. If you bump up the heuristic detection from Normal to High in the webshield settings you should be fine. This is where I like Avast v5 Pro over Free. The Pro version offers "Process Virtualization" of programs that you select. Don't let Avast's naming convention fool you. It's a sandbox environment that the AV allows you to run select programs in. Naturally you would want to include your web browsers. The Pro version also has a scripts shield which is good if you use an x86 system or Internet Explorer only. From their page the Scripts Shield: Detects malicious scripts hidden in internet web pages and prevents them from running and hijacking or potentially causing damage to your computer (Internet Explorer only, 32-bit only).

Now I can't comment personally on detection tests here since I rarely come across a virus on my own machine. I can link you to Malware Research Group's test with Avast.

http://malwareresearchgroup.com/?page_id=2

Out of 30 samples Avast Free v5.0.396 (Old version) detected 99.2% of the samples. As noted on their site this test was also done with default settings. Out of the 30 samples Avast detected 22 of them.

Now a few quick notes. Boot time scanning is not available in x64 systems, only in x86. The Avast Process Virtualization works on x86 and x64 systems, which is unique for sandboxing programs. Script shield only works with Internet Explorer and x86 systems.

Screenshots (Note: These are from Avast v5 Pro):








Wednesday, March 10, 2010

New Banner

A good friend from another forum had some spare time and did this up for me.



Her blog can be found here:

http://harley.byethost22.com/blog/

Thanks Harley!

Tuesday, March 9, 2010

Windows Start Orb Collection

Here is a collection of my favorite Windows Start Orbs for use with the Windows Start Orb Changer.

The Windows Start Orb Changer utility can be found here:

http://pc-babble.blogspot.com/2010/02/windows-start-button-changer-v1.html

Download:

http://www.mediafire.com/file/3nirgzo1td3/StartOrbs.rar

Previews of what's in the package:






Microsoft Warns Don't Press F1

With any luck, millions of Microsoft Windows computers should get a patch this Patch Tuesday for a VBScript vulnerability that could allow a remote attacker to take over the computer. So far, it seems that there are no exploits in the wild, as noted in Microsoft’s security advisory:

Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.


http://blogs.techrepublic.com.com/security/?p=3259&tag=nl.e036

Wallpapers

I've compiled a few .zip archives of some Vista, Windows 7, and random wallpapers. Here they are:

Windows 7 Wallpapers: http://www.mediafire.com/file/uyuzn4zj1ky/Windows7Wallpapers.zip





Windows Vista Wallpapers: http://www.mediafire.com/file/ntt0wmvym5i/WinVistaWallpapers.zip





Random Wallpapers: http://www.mediafire.com/file/3oyulywrogt/RandomWallpapers.zip






Monday, March 8, 2010

Sunbelt VIPRE 4.0 Released

I was lucky enough to get in on the Twitter give away for 1 year free of Sunbelt VIPRE 4.0 Anti-virus Premium security suite which includes a firewall, anti-virus, HIPs, web filtering, email protection, process protection, and a few other tools such as file shredder, and browser tracks cleaner.

Here are some of the features of the new Anti-virus and the AV Premium Suite.

http://www.sunbeltsoftware.com/Home-Home-Office/VIPRE-Antivirus-Premium/

System requirements are as follows:

System Requirements

* Windows Server 2008 (32/64-bit)
* NEW: compatible with Windows 7 (32/64-bit), and also compatible with XP mode in W7. License applies per machine, no extra license needed for XP mode.
* Windows Vista+ (All flavors) 32 and 64-bit
* Windows Server 2003 (32/64-bit)
* Windows XP SP1, SP2, SP3 (Home, Pro, Media Center, Tablet) 32 and 64-bit
* Windows 2000 SP4 RollUp 1
* A minimum of 512MB RAM
* Supported Email Applications: Outlook 2000+, Outlook Express 5.0+, Windows Mail on Vista, and SMTP and POP3 (Thunderbird, IncrediMail, Eudora, etc. We support SSL only in Outlook and Outlook Express.)
* Installation of VIPRE is not supported on Windows 95, 98, NT, or ME, Macintosh or Linux


VIPRE 4.0 hasn't been tested yet with AV Comparatives so there is no telling where this AV rates among top competitors such as NOD32, KAV, and Avira Antivir. I can however link you to a forum of security specialists that have done some independent testing in virtual machines.

It has also passed VB100's testing which means no false positives and 100% detection in the test.



This test was done by AlexDBR of Wilders Security:

This test shows the web filtering security of VIPRE.

video

A direct link to this video can be found here:

http://www.youtube.com/user/unbreakable06#p/u/3/A5fucNCh2k0

Here are the screenshots:

















Firefox x64 Released

Firefox x64 has been released. Nothing more needs to be said. Here's the download link:

http://wiki.mozilla-x86-64.com/Firefox:Download

And the screenshots that everyone has to see:

http://wiki.mozilla-x86-64.com/ScreenShots

Tuesday, March 2, 2010

How to Use HiJackThis

Trying to fix a badly infected PC without HijackThis is sort of like going into surgery without a scalpel; it’s the only tool for the job when all other measures fail. New spyware strains and increasingly complex viruses emerge every day, and your PC’s immune system (i.e, antivirus software) isn’t always able to keep up. And if you’re performing emergency surgery on someone else’s PC, you may find that they didn’t have any AV software installed to begin with.

No matter how bad the infection, HijackThis gives you the means to dig deep into Windows to root out whatever it is that’s wreaking havoc. It’s not a cure-all, however, or even a cure-little. In fact, HijackThis doesn’t cure anything on its own. What HijackThis does do is give you a snapshot of the system’s registry and file settings, putting particular emphasis on the browser. It doesn’t discern between safe and malicious settings, so it’s possible to unintentionally inflict real harm if you don’t know what you’re doing. Follow along as we show you how to properly wield HijackThis.


http://www.maximumpc.com/article/howtos/how_root_out_stubborn_malware_hijackthis